Scammers are exploiting YouTube comments to execute a new cryptocurrency theft scheme. Analysts from Kaspersky Lab have identified malicious comments under finance-related videos.
How it works:
- Scammers pose as inexperienced users in YouTube comments, asking for help with cryptocurrency transfers.
- They share wallet addresses accompanied by seed phrases or private keys.
- These wallets often display large balances (e.g., over 8,000 USDT) to lure potential thieves.
- To access the funds, users are required to pay a withdrawal fee, typically in TRX, which is sent to a fraudulent multisig wallet.
Multisig wallets require multiple approvals for outgoing transactions. As a result, the user loses the fee but never gains access to the advertised funds.
The analysts did not disclose the number of potential victims or the total damages caused by this scheme. However, they noted its rising prevalence.
Previously in Security Threats: Numerous popular cryptocurrency wallets were compromised after the public release of the macOS Stealer Trojan code, which is capable of stealing assets.
Recommendations:
- Ignore comments offering “help” with cryptocurrency.
- Never send funds or share sensitive information with addresses found in comments, especially if you’re asked to pay fees upfront.
- Always verify the legitimacy of wallets and links before engaging with them.
Cryptol – your source for the latest news on cryptocurrencies, information technology, and decentralized solutions. Stay informed about the latest trends in the digital world.