Security experts have uncovered a new scam targeting users through physical transactions involving USDT, leveraging a modified Remote Procedure Call (RPC) function on Ethereum nodes. According to a report by security firm Slowmist dated April 26, the scam is intricately designed to deceive unsuspecting individuals by enticing them to download the legitimate imToken wallet.
The scam unfolds with the victim receiving 1 USDT and small amounts of ETH as bait after downloading the imToken wallet. Subsequently, the victim is directed to modify their ETH RPC URL to a node that has been maliciously altered and is controlled by the scammer.
RPC is crucial for the development of decentralized applications (dApps), enabling applications to communicate with a blockchain by running code on a computer. In this scenario, the modified Ethereum RPC interacts with nodes, querying balances, sending transactions, or engaging with smart contracts.
Once the victim modifies the RPC URL, they are shown a falsified wallet balance, leading them to believe they have received a substantial sum. However, when they attempt to transfer the miner’s fees to cash out the USDT, they realize the deceit. By then, the scammer has vanished with the transferred fees, leaving no traces behind.
Slowmist researchers emphasized that users often overlook potential risks by solely focusing on whether funds have been credited to their wallets. Scammers exploit this trust and negligence, using believable tactics like transferring small amounts of money to deceive users.
An investigation into one victim’s wallet revealed receiving 1 USDT and 0.002 ETH from the scammers’ address. Further tracking showed that the scammer had sent 1 USDT to three other wallets. The scammer’s address was linked to multiple trading platforms and flagged as “Pig Butchering Scammers” by the on-chain tracking tool MistTrack.
Slowmist advised users to remain vigilant during transactions and to be skeptical of others to avoid falling victim to fraud. Despite increasing awareness, scams persist in the cryptocurrency sector. In April, incidents included the hacking of Hollywood star Tom Holland’s X account to promote crypto scams and a surge of fake SpaceX giveaways on YouTube during the April 8 solar eclipse.
Powered by Crypto Expert BD
Follow us on Twitter: https://x.com/CryptoExpert_BD
Join our Telegram channel: https://t.me/CryptoExpert_BD
