Bitget App
Trade smarter
Open
HomepageSign up
Bitget>
News>
SlowMist Exposes Scam Using Malicious RPC Node Modifications

SlowMist Exposes Scam Using Malicious RPC Node Modifications

Cryptopotato2024/04/27 20:52
By: Chayanika DekaMore posts by this author
SOL+1.04%ETH+0.74%
A cryptocurrency scam is targeting users in physical offline transactions and utilizing USDT for payment.

SlowMist, in collaboration with imToken, has uncovered a new breed of cryptocurrency scam that targets users in physical offline transactions, utilizing USDT as the mode of payment.

This fraudulent scheme operates by tampering with Ethereum node Remote Procedure Calls (RPC) to defraud unsuspecting victims.

Scammer’s Strategy

Initially, the scammer persuades the target to download the legitimate imToken wallet and fosters trust by transferring 1 USDT and a small amount of ETH as bait.

Subsequently, the scammer instructs the user to redirect their ETH RPC URL to a node controlled by the former, particularly using the modified node. Through this manipulation, the bad actor then falsifies the user’s USDT balance to make it seem as though funds have been deposited.

However, when the user attempts to transfer out the USDT, they discover they’ve already been deceived. But, by then, the scammer has disappeared without a trace, according to SlowMist’s findings .

The blockchain security firm also revealed that Tenderly’s Fork feature is not only capable of modifying balances but also contract information thereby posing an even graver threat to users.

As such, understanding RPC is crucial in comprehending the mechanism of such scams, SlowMist observed. RPC serves as a medium to interact with blockchain networks, enabling users to perform various actions such as checking balances and creating transactions. Typically, wallets connect to secure nodes by default, but connecting to untrusted nodes can lead to malicious modifications, resulting in financial losses.

Suspect Address Flagged for Pig Butchering Scam

Further analysis by MistTrack revealed the depth of the scam’s operations. Investigation into a known victim’s wallet address (0x9a7…Ce4) shows that they received 1 USDT and 0.002 ETH from another address (0x4df…54b).

This address, in turn, has transferred 1 USDT to multiple addresses, indicating repeated fraudulent activities. These addresses are flagged as “ Pig Butchering Scammers” by MistTrack, and are associated with various trading platforms, and implicated in multiple scam incidents.

You Might Also Like:

  • CertiK: Exit Scams and Exploits Led to $160M Losses in Crypto Sector in February
  • 50% of Solana's Recent Token Launches Revealed as Malicious Scams: Report
  • OneCoin's Head of Legal and Compliance Sentenced to 4 Years in Prison
Tags: Scams
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
PoolX: Earn new token airdrops
Lock your assets and earn 10%+ APR
Lock now!

You may also like

CandyBomb x ZBT: Trade futures to share 100,000 ZBT!
Bitget Announcement2025/10/17 13:30
Bitget Builder+ Initiative is now recruiting!
Bitget Announcement2025/10/17 11:00

Trending news

More
1
CandyBomb x ZBT: Trade futures to share 100,000 ZBT!
2
Bitget Builder+ Initiative is now recruiting!

Crypto prices

More
Bitcoin
Bitcoin
BTC
$106,716.79
+0.25%
Ethereum
Ethereum
ETH
$3,865.1
+2.02%
Tether USDt
Tether USDt
USDT
$1
+0.01%
BNB
BNB
BNB
$1,088.36
+1.71%
XRP
XRP
XRP
$2.34
+2.30%
Solana
Solana
SOL
$183.98
+0.83%
USDC
USDC
USDC
$0.9999
-0.01%
TRON
TRON
TRX
$0.3137
+1.48%
Dogecoin
Dogecoin
DOGE
$0.1868
+1.53%
Cardano
Cardano
ADA
$0.6291
+0.59%
How to sell PI
Bitget lists PI – Buy or sell PI quickly on Bitget!
Trade now
Become a trader now?A welcome pack worth 6200 USDT for new users!
Sign up now
Trade smarter