Beware of Fake Skype Apps Stealing Cryptocurrency and Personal Information

ncover the alarming trend of counterfeit Skype apps targeting cryptocurrency and personal data, detailed in SlowMist's latest report.

Find out how these apps operate and the importance of downloading apps safely from official sources.

SlowMist Reports New Scam Involving Counterfeit Skype Application

SlowMist, a cryptocurrency security company, reported on November 13, 2023, that fraudulent activities involving a fake Skype app designed to swindle cryptocurrency assets are currently underway.

The company issued a warning to cryptocurrency holders after receiving reports from victims who were duped by downloading a counterfeit Skype application from the internet.

SlowMist's announcement detailed the nature and methods of these scams.

In the cryptocurrency industry, it's been reported that numerous fake wallet and exchange apps have been made public.

SlowMist emphasizes that the fraudulent applications target not only wallets and exchanges but also popular social apps like Telegram, WhatsApp, and Skype.

Illicit Acquisition of Images and Personal Data through Phishing Scams

The reported fake Skype app is believed to have been created by a phishing scam group based in China.

They modified the open-source library 'okhttp3', commonly used for network communications in Android and Java, to execute various malicious operations.

Specifically, the scam involves uploading various images from Android smartphones to the fraud group's backend server, along with device information, user IDs, phone numbers, and other data.

Users tend to grant permission for file access without suspicion when downloading these fake apps, as file transfer and video calls are common functions in social apps like Skype.

Automatic Replacement of Wallet Addresses in Sent Messages

Moreover, the fake app is designed to monitor users' incoming and outgoing messages, automatically recognizing TRX and ETH wallet addresses.

If such addresses are detected, the app replaces them with fraudulent addresses. This means that when a user of the fake app sends their wallet address for cryptocurrency transactions, it gets automatically switched to the scammer's address.

The receiver, unaware of the switch, ends up sending cryptocurrency to the wrong address.

Despite SlowMist's security team blacklisting these fraudulent addresses immediately, the TRX address had already received about 192,856 USDT from 110 deposits, and the ETH address approximately 7,800 USDT from 10 deposits.

Importance of Safe App Downloads from Official Sources

Past reports have shown that such fraudulent cryptocurrency-stealing apps have been published even in official stores like the App Store and Google Play.

It's crucial to download apps only from official websites or links provided therein, thoroughly verifying the content before downloading, and to avoid downloading questionable apps found online.