A scammer stole around $15 million worth of cryptocurrency after cloning the user interface of HitBTC, a popular Hong Kong-based cryptocurrency exchange.

Scammers make $15 million profit

According to encryption compliance expert SlowMist Technology, the scam has been running for nearly a year and successfully tricked users into activating phishing contracts.​

The scammers executed a complex scheme and made over $15 million worth of Bitcoin ( BTC ), Ethereum ( ETH ), Tether ( USDT ), and Shiba Inu ( SHIB ).​

The plan involves a smart contract that requires users to connect their wallets. Victims make deposit transactions as they would on any exchange, and the malicious smart contract tracks their transactions.​

Once the transaction is signed and confirmed, the scammer can access the user's wallet and quickly drain the user's remaining assets. The scam mainly operates on the Bitcoin, Tron and Ethereum networks.

SlowMist Technology’s investigation revealed that the people behind the scam are not limited to HitBTC.​

In fact, they have been impersonating other well-known platforms, including South Korea’s Coinone and FTX’s former subsidiary LedgerX.​

These fraudulent websites mimic well-known web3 tools, decentralized applications (dapps) and exchanges, confusing victims and expanding scammers’ reach

Phishing attacks surge

SlowMist Technology’s investigation revealed that those behind the scam were not limited to HitBTC.​

In fact, they have been impersonating other well-known platforms, including South Korea’s Coinone and FTX’s former subsidiary LedgerX.​

These fraudulent websites mimic well-known web3 tools, decentralized applications (dapps) and exchanges, confusing victims and expanding scammers’ reach

Phishing attacks surge

Earlier on May 15, the National Cryptocurrency Enforcement Team (NCET), part of the U.S. Department of Justice (DoJ), said it would go after exchanges that, while compliant, enable criminals to launder money.​