Cybersecurity firm Kaspersky has recently uncovered a new scam targeting crypto users involving seed phrases, as detailed in a blog post on December 23. This elaborate scheme preys on individuals’ curiosity and dishonesty, ultimately leading to financial losses for those who fall victim to it.
The scam operates by manipulating seed phrases, which are essential for recovering access to crypto wallets. Scammers pose as inexperienced users seeking help on social media platforms like YouTube, where they post fake seed phrases to entice unsuspecting individuals. These fake seed phrases lead users to access what appears to be valuable wallets containing large amounts of stablecoins like Tether’s USDT, creating the illusion of easy profits.
However, withdrawing these funds requires gas fees, typically paid in Tron’s TRX. The scammers intentionally leave the wallet without enough TRX, prompting users to transfer their funds to complete the transaction. Once the funds are sent, they are immediately redirected to a wallet controlled by the scammers.
The key to the success of this scam lies in the wallet configuration, which is set up as a multi-signature wallet. This means that approvals from multiple parties are required for any transaction, ensuring that the USDT cannot be transferred out by the unsuspecting user even after they pay the gas fees.
This seed phrase scam is just one example of the various crypto scams that have been on the rise in 2024. According to blockchain security firm Cyvers, losses from crypto-related fraud have exceeded $2.3 billion this year, a significant increase compared to previous years but still 37% lower than the peak in 2022.
Cyvers has identified access control breaches as the most significant threat, accounting for $1.9 billion in losses from 67 incidents. Smart contract exploits follow closely, with $456.3 million stolen across 98 attacks.
One prevalent scam tactic highlighted by Cyvers is the pig butchering scam, where fraudsters build trust with victims over time before convincing them to invest in fake crypto projects and ultimately stealing their funds. In 2024, over $3.6 billion in victim funds across more than 150,000 addresses and 800,000 transactions were flagged, underscoring the scale and sophistication of these scams.
As the crypto space continues to evolve, it is crucial for users to remain vigilant and cautious when engaging with online platforms and interacting with unknown parties. Staying informed and following best practices for securing crypto assets can help mitigate the risks of falling victim to these increasingly sophisticated scams.