FBI detects fake crypto apps that scammed $42.7M from 244 victims Zeynep Geylan · 2 hours ago · 2 min read
The FBI recently issued a public warning against fake crypto apps after detecting three fraudulent apps that stole about $42.7 million between October 2021 and May 2022.
Cover art/illustration via CryptoSlate
The U.S. Federal Bureau of Investigation (FBI) detected three fake crypto apps that stole around $42.7 million from 244 victims between October 4, 2021, and May 13, 2022, and recently issued a public warning against such fraudulent applications.
According to the FBI, these cybercriminals are using the names and logos of legitimate U.S. Businesses to attract investments. The Bureau advises all users who suspect they have been subjected to such fraudulent activities to contact the FBI through the internet or their local FBI field office.
Three fake apps discovered
The public warning includes three fake crypto apps that the FBI has discovered.
The first one, Supayos (also known as Supay), took the name of a legitimate Australian exchange and was active between the 1st and 26th of November, 2021. The attackers behind the app convinced two victims to download and make multiple deposits into their Supay accounts. They told one of the victims he was enrolled in a program requiring $900,000. When the victim wanted to close his account, he was told to deposit the amount needed or have all assets frozen.
YiBit was the second fake app that confiscated approximately $5.5 million from four victims. YiBit was a legitimate exchange platform that shut down in 2018. The attackers were active between October 4, 2021, and May 13, 2022. After they convinced 17 investors to deposit funds, they asked them to pay taxes before withdrawing funds. Four individuals were unable to remove their balances from the app.
The FBI didn’t disclose the name of the third fake app. The attackers mimicked a legitimate U.S. company and remained active between December 22, 2021, and May 7, 2022. The FBI discovered that they scammed 28 victims for approximately $3.7 million. Like the YiBit attackers, all 28 victims of this incident were asked to pay taxes before withdrawing funds. Even though 13 of them did, they were still unable to withdraw.
$300 million was lost to cyberattacks in the web3 space throughout 2020. This number surged to $2.3 billion in 2021. Moreover, it seems like it will end up even higher at the end of 2022. According to the numbers, the web3 space has lost $1.48 billion to cyberattacks between January and May 2022.
What’s more upsetting is that the recovery rates appeared extremely low for the attacks of 2022. In earlier years, the recovery rates were around 20%. However, authorities have only recovered 4.5% of the stolen $1.48 billion in 2022. According to the report, this indicated an increase in the complexity of scams.