Cybercriminals and fraudsters are exploiting the DeFi craze to scam people with their hard-earned cryptocurrency tokens, experts have warned.
Sophos cybersecurity researchers have uncovered an ongoing campaign that preys on those unfamiliar with the nascent crypto space that is decentralized finance (DeFi), and slowly drains their funds until there is nothing left. nothing.
Sophos is calling the new campaigns “Liquidity Mining Scams” and has urged anyone involved in crypto trading to be wary of the offer that sounds too good to be true.
Win millions or lose thousands?
The rise of blockchain has given rise to so-called “smart contracts” – essentially pieces of code that act as an intermediary and allow two parties to engage in a transaction of value, when certain conditions are met, without the need for an intermediary.
With the help of smart contracts, decentralized finance was born – an umbrella term that covers a number of services usually offered by centralized entities (trading, lending, etc.). When it comes to trading cryptocurrencies in a decentralized environment, there needs to be a pool of liquidity for both currencies being traded.
Users are incentivized to provide this liquidity (lending their coins, essentially) by receiving a percentage of trading fees associated with a specific DeFi protocol, among other things. To do this, they often need to connect their crypto wallets (e.g. MetaMask), with the DeFi protocol.
And that’s where the scammers come in. Sophos says they will create fake apps, fake protocols or fake tokens, and reach potential targets through social media using fake identities. After a little innocent chat, they will try to persuade the victim to provide liquidity for a certain pair of cryptocurrencies that seem to promise great returns.
They will even generate fake reports to further convince the victim of big winnings and in some cases they will even allow early withdrawals. However, they will induce the victim to keep investing big, in order to earn even more. In reality, however, the target’s victims were exhausted until there was nothing left.
Once targets were taken for all they had, attackers simply vanished into thin air.