Scammers are using a whole load of tricks to launch cryptomining scams
Liquidity mining scams are the newest addition to a rich arsenal, Sophos warns
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
Cybercriminals and fraudsters are tapping into the DeFi craze to scam people out of their hard-earned cryptocurrency tokens, experts have warned.
Cybersecurity researchers fromSophoshave uncovered an ongoing campaign that preys on those with little knowledge of the nascent crypto space that is Decentralized Finance (DeFi), and slowly drains their funds until there’s nothing left.
Sophos calls the new campaigns “Liquidity Mining Scams”, and has urged anyone involved in crypto trading to beware offer that sound too good to be true.
Share your thoughts on Cybersecurity and get a free copy of the Hacker’s Manual 2022. Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at theend of this surveyto get the bookazine, worth $10.99/£10.99.
Earning millions, or losing thousands?
The rise ofblockchainhas given birth to something known as “smart contracts” - essentially pieces of code that act like the middleman and allow two parties to engage in a transaction of value, when certain conditions are met, without the need for an intermediary.
With the help of smart contracts, rose Decentralized Finance - an umbrella term that covers a number of services usually offered by centralized entities (trading, lending, etc.). When it comes to trading cryptocurrencies in a decentralized environment, there needs to be a pool of liquidity for both currencies being exchanged.
Users are being incentivized to provide this liquidity (lend out their coins, essentially) by receiving a percentage of the trading fee associated with a specific DeFi protocol, among other things. To do that, they often need to connect their crypto wallets (for example, MetaMask), with the DeFi protocol.
And here’s where the scammers jump in. Sophos says they’ll create fake apps, fake protocols, or fake tokens, and reach out to potential targets via social media usingfake identities. After a little bit of innocent chat, they’ll try and persuade the victim into providing liquidity for a certain pair of cryptocurrencies that seem to promise great returns.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Meta hit with lawsuit over failure to squash crypto scams>Dangerous phishing pop-ups appear across major crypto websites>No, Elon Musk isn’t asking you to invest in Twitter - it’s a scam
They’ll even generate fake reports to further convince the victim of great earnings, and in some cases, they’ll even allow for withdrawals early on. However, they’ll urge the victim to keep investing big, in order to earn even more. In reality, though, the target’s victims were being drained until there was nothing left.
Once the targets were taken for everything they had, the attackers would simply vanish into thin air.
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
A critical Palo Alto Networks bug is being hit by cyberattacks, so patch now
3 reasons why PIA fell in our best VPN rankings
The real battle for generative AI in software
