- Bitrace disclosed that counterfeit wallet apps downloaded through search engines is a leading cause of cryptocurrency losses.
- Search engine phishing links and fake wallet apps mimic legitimate ones, putting users at risk.
- Malicious backdoors in messaging platforms like Telegram redirect crypto funds.
The prominent blockchain security firm Bitrace has disclosed that the proliferation of counterfeit wallet apps downloaded through search engines is a leading cause of cryptocurrency losses. The firm revealed this finding in a recent report underscoring the “disappearing coin” phenomenon, which crypto investors often lamented.
Bitrace argued that search engines provide a thriving environment for spreading deceptive websites, with fraudulent actors employing search engine optimization (SEO) and search engine marketing (SEM) techniques to propagate phishing links. It was noted that when users conduct searches using specific keywords, they may unwittingly click on links that lead them to download counterfeit crypto wallet applications with hidden vulnerabilities.
The fraudulent applications closely mimic the appearance and functionality of legitimate ones. However, once users synchronize their mnemonic phrases through the application or deposit their assets, they risk losing their tokens, Bitrace disclosed.
Furthermore, Bitrace cited examples with the Bitpie crypto wallet. It revealed that nearly all websites featured on the first page of a search about the wallet are fraudulent. Besides, Coin Edition recently reported the case of a counterfeit KeePass password manager website ranking first via Google ads.
Meanwhile, Google search is not the only vulnerability leading to disappearing coins, as Bitrace highlighted. The company also noted the prevalence of malicious backdoors implanted into messaging platforms like Telegram.
According to the security firm, the backdoor malware can identify replacement addresses and divert funds to malicious destinations. Specifically, this scenario can occur when a person copies a crypto wallet address to initiate a fund transfer. The malicious software on the victim’s device then stealthily alters the copied address, replacing it with a fraudulent one. As a result, the cryptocurrency funds are redirected to an unintended destination.
Disclaimer: The information presented in this article is for informational and educational purposes only. The article does not constitute financial advice or advice of any kind. Coin Edition is not responsible for any losses incurred as a result of the utilization of content, products, or services mentioned. Readers are advised to exercise caution before taking any action related to the company.