A group of hackers has created a fake version of the HitBTC website that looks almost identical to the real one, except for a slight difference in the URL. They have used this phishing website to trick users into connecting their browser-based wallets like MetaMask and approving transactions that transfer their crypto assets to the hackers’ addresses.
According to blockchain security firm SlowMist, the hackers have managed to steal more than $15 million worth of Bitcoin, Tether, Ether, and other cryptocurrencies from unsuspecting victims.
This is one of the many phishing attacks that target crypto users and exchanges, and users should always be careful and verify the URL and the SSL certificate of the websites they visit.
Known Addresses
MistTrack revealed in a series of tweets that the fraudsters used four different crypto wallets to carry out their scheme. One of these wallets was for Bitcoin transactions, while the other three were for Ethereum and Tron transfers.
According to MistTrack, the Bitcoin address has been active since July 2022 and has received more than 52 BTC in over 400 transactions, which is equivalent to about $1.4 million at the current market price.
The Tron address has only one transaction of 242 USDT. While the first Ethereum address has dealt with various ERC-20 tokens worth millions of dollars since June 2022 and has a few thousand dollars of stablecoins in its balance.
The last Ethereum address mentioned by MistTrack has not shown any signs of activity yet.
Some of the wallets have been involved in a large number of transactions for almost a year, indicating that they may have been used for illegal purposes.
The wallets have collectively received around $15 million in total.
Phishing is Still a Problem for Crypto
The hackers behind the HitBTC phishing attack are not only targeting this cryptocurrency exchange but also operating several other malicious websites that try to trick users into revealing their sensitive information. MistTrack urged users to be vigilant and careful when visiting any website related to cryptocurrencies.
To avoid falling victim to such an attack, you should always verify the URL in your browser’s address bar before entering any sensitive data or making any transactions on a website. Make sure the URL matches exactly the legitimate website’s address and look for signs of encryption, such as HTTPS and a padlock icon.