Chinese Gang Dupes Users With Fake Skype and Binance Apps, Millions in Crypto Stolen

By BeInCrypto November 14, 2023 In Binance, China, Ethereum

A fake Skype app downloaded through Baidu is stealing users’ crypto, according to data from security firm SlowMist. The security researcher confirmed this after receiving a call from a Chinese individual who downloaded the app from the internet rather than an app store.

SlowMist has red-flagged an app pretending to be Skype that robbed a Chinese user of their crypto. The app was likely created by a Chinese gang that injected malicious code into the Android application package (APK) file the user downloaded.

Gang Uses Fake Chinese Binance App to Steal Crypto

The app requested permission to access files and photo albums, much like a genuine social media app would. The harvested files were then sent to the gang's backend.

It appears that the gang used the same backend domain, “bn-download3.com,” that was used for a fake Binance app last November. The fake Skype app has used this domain since May 23.


In addition to requesting file access, the fake app monitored traffic for the strings “ETH” and “TRX,” representing the Ethereum and TRON cryptocurrencies. It replaced the crypto addresses it found with either hard-coded malicious addresses or addresses retrieved from another attacker-controlled domain.
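The address-swap behaviour described above can be caught on the device or at an egress proxy by comparing the recipient the user entered with the recipient that actually leaves on the wire. The following Python is an added example, not SlowMist's or the app's code; the JSON payload format and the victim address are constructed, and the blacklist holds only the TRX address from the report.

```python
import re
from typing import Optional

# Address formats for the two chains the fake app watched for ("ETH" and "TRX").
ETH_ADDR = re.compile(r"\b0x[0-9a-fA-F]{40}\b")
TRX_ADDR = re.compile(r"\bT[1-9A-HJ-NP-Za-km-z]{33}\b")  # base58, 34 chars, 'T' prefix

# Constructed blacklist for the demo; the TRX entry is the address SlowMist reported.
BLACKLIST = {"TJhqKzGQ3LzT9ih53JoyAvMnnH5EThWLQB"}


def chain_of(addr: str) -> Optional[str]:
    """Classify an address by its syntax; None if it is neither format."""
    if ETH_ADDR.fullmatch(addr):
        return "ETH"
    if TRX_ADDR.fullmatch(addr):
        return "TRX"
    return None


def extract_addresses(payload: str) -> dict:
    """Pull every ETH- and TRX-shaped address out of an outbound request body."""
    return {"ETH": ETH_ADDR.findall(payload), "TRX": TRX_ADDR.findall(payload)}


def check_outbound(intended: str, payload: str) -> list:
    """Flag recipients that differ from what the user entered, and blacklisted recipients."""
    findings = []
    chain = chain_of(intended)
    for addr_chain, addrs in extract_addresses(payload).items():
        for addr in addrs:
            if addr in BLACKLIST:
                findings.append(f"{addr_chain}: {addr} is a blacklisted address")
            if addr_chain != chain:
                continue
            # ETH addresses are case-insensitive hex (the EIP-55 checksum only changes case).
            same = addr.lower() == intended.lower() if chain == "ETH" else addr == intended
            if not same:
                findings.append(f"{addr_chain}: user entered {intended} but payload carries {addr}")
    return findings


# Constructed sample payloads (not captured traffic): a clean one and one where the
# app swapped the recipient for the address from the SlowMist report.
INTENDED_TRX = "TConstructedVictimAddr111111111111"  # constructed, not a real wallet
CLEAN = '{"chain":"TRX","to":"TConstructedVictimAddr111111111111","amount":"1753"}'
SWAPPED = '{"chain":"TRX","to":"TJhqKzGQ3LzT9ih53JoyAvMnnH5EThWLQB","amount":"1753"}'

if __name__ == "__main__":
    print(check_outbound(INTENDED_TRX, CLEAN))    # []
    print(check_outbound(INTENDED_TRX, SWAPPED))  # two findings: blacklisted + substituted
```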


Around 192,856 TRX was sent to TJhqKzGQ3LzT9ih53JoyAvMnnH5EThWLQB across 110 deposits. The ETH address received 7,800 USDT in 10 transactions.

SlowMist has blacklisted these addresses and advises users not to download apps from unofficial sources. These bogus apps typically ask for file access permissions they have no legitimate need for.

Google Identified Data Leakage on Baidu

Last year, SlowMist received a complaint about a fake Binance app that a victim had found through a search on Baidu. The user contacted the SlowMist team after losing 5 ETH from their Binance account. The security firm identified a tampered APK file that redirected funds to a malicious address that could not be attributed.

The unavailability of the Google Play Store in China often pushes users to install apps from APK files downloaded directly from the internet. These files are not subject to any store security checks and pose a significant risk.


In November 2020, Google identified that Baidu Search Box and Baidu Maps were leaking sensitive data. While Google does not explicitly forbid the collection of device-specific identifiers such as a MAC address, it advises against it in its Android best-practice guidance for app developers.

