A scammer or group of scammers used a fake phishing version of crypto exchange HitBTC’s website to steal around $15 million worth of crypto.
According to a Twitter thread by crypto compliance firm Misttrack, the phishing website used looks almost identical to HitBTC’s actual website, except for a minor difference in the URL, which was Hitbt2c[.]lol instead of hitbtc[.]com.
contains stolen property bitcoin (btc), Ether (ETH), Tether (USDT)and other cryptocurrencies, Misttrack said in a Twitter thread, where it also outlined how the entire scam website works.
Once users click “Approve” their browser-based wallet like metamask Misttrack warned that hackers could potentially gain free access to all users’ holdings on a phishing website.
offending addresses
In the Twitter thread, Misttrack also identified four crypto addresses that it says belonged to the scammers, one of which was a bitcoin address, two were ethereum addresses, and one was a Tron address.
At the time of writing, the bitcoin address did not hold any funds, but since its creation in July 2022 it has transacted over 400 times and received over 52 BTC, which is worth about $1.4 million at today’s price.
The Tron address received 242 USDT in one transaction, while the first Ethereum address contained a few thousand dollars of the stable coin following millions of transactions with several different ERC-20 tokens since its creation in June 2022.
The last Ethereum address listed by Misttrack has not recorded any activity so far.
The large number of transactions in some wallets suggests that they are being used extensively for illegal purposes for about a year.
In total, approximately $15 million has been received by Wallet.
Many phishing sites are active
In addition to warning about the ongoing HitBTC phishing attack, Misttrack also noted that several other phishing websites appear to be active and under the control of the same hackers.
A large number of phishing sites have been active for three months, according to a screenshot shared by the firm along with a list of websites that used the same file name as the one used by the hackers.
operation “seems a big sha zhu pan,” the firm wrote, using the Chinese term for the so-called “pig butcher” scam, a type of scam where victims are tricked and manipulated over a long period of time.
Phishing scams are among the most common types of scams in crypto, and have been a particularly serious issue for exchanges with their websites being copied and used in attacks.
The best way to avoid becoming a victim of a phishing attack is to always check the URL in the browser’s address field carefully, and to ensure that the original website is the one before logging in or depositing any funds on any platform. What should be the URL. ,
HitBTC has not yet published any comments regarding the ongoing phishing attack.