SlowMist’s blockchain investigators have discovered a new cryptocurrencycurrency fraud that targets customers who make offline USDT transfers through physical cash trades. The scammers mislead victims into connecting their imToken wallet to a rogue node controlled by them.
According to SlowMist, criminals change user balances and contract data by exploiting weaknesses in blockchain technology, such as Ethereum’s Remote Procedure Calls. Connecting to an untrusted node exposes users to such manipulation.
First, the fraudsters establish trust by directing the target to download imToken’s official app and transmit tiny sums of USDT and ETH. However, they then urge the user to adjust their node settings, which allows the scammers to inflate the victim’s USDT balance and make it appear that a deposit was made.
However, when the user attempts to withdraw the funds, they discover that the inflated balance is an illusion. By then, the scammers had already made off with the money from the in-person transaction.
Read also: