Key Highlights
- Sophos uncovered a major cryptocurrency scam operation using fake decentralized finance trading platforms called liquidity pools.
- The pig butchering ring behind the sham platforms has stolen over $1 million from victims in just 3 months.
- Scammers use elaborate social engineering like fake dating profiles to build trust and convince targets to invest.
- Victims often don’t understand legitimate crypto trading, allowing scammers to persuade them to put more money into the fake pools.
A new report from cybersecurity firm Sophos has uncovered a major cryptocurrency scam operation utilizing fake decentralized finance (DeFi) trading platforms known as liquidity pools. Sophos estimates the pig butchering (shā zhū pán) ring behind the fraudulent pools has netted more than $1 million over just three months.
The scammers rely on sophisticated social engineering to build trust with victims over weeks or months. This includes creating fake dating profiles to connect with targets on apps like MeetMe and building an emotional connection. Eventually they convince victims to invest in the sham liquidity pools.
One Victim Loses $22,000 in Just One Week
The report details how the scammers ensnared a victim named Frank (not their real name) using the fake dating profile tactic. A scammer posing as “Vivian” developed a romance with Frank before pressuring him to invest in cryptocurrency. After opening a crypto wallet, Frank invested $22,000 into a fake liquidity pool site in just one week.
Fake Sites Mirror Legitimate Trading Platforms
Sophos researchers tied 14 domains and dozens of identical counterfeit pool sites to the same fraud operation. The pig butchering scammers are seamlessly integrating the crypto trading angle into existing tactics as decentralized finance (DeFi) platforms grow more popular.
This scam takes advantage of the largely unregulated world of decentralized finance (DeFI) cryptocurrency trading applications. Such applications create “liquidity pools” of various types of cryptocurrencies that users can then access to make trades from one cryptocurrency to another.
Those who participate in the pool receive a percentage of any fee paid when a trade is made, creating an enticing return on investment.
To join a pool, participants first have to sign an online smart contract—a contract that gives another account (typically the operators of the pool) permission to access participants’ wallets to facilitate trades.
Fake pools, which pig butcherers are increasingly utilizing to siphon funds from targets, operate in much the same way. However, unlike legitimate pools, at some point these scammers “pull the rug” and empty the entire liquidity pool for themselves.
Pig Butchering Scammers Drain Pools Through Smart Contracts
The pools rely on smart contracts that give the pool operator access to user wallets to enable trading. But the scammers eventually use the contracts to withdraw everything in the pool, leaving victims like Frank with empty wallets.
Also Read: Spyware laced Telegram clones infect 60,000 Android users
Sophos notes toolkits now exist to easily set up such counterfeit crypto trading platforms. Last year, the firm identified dozens of fake liquidity pool scams. That number has now skyrocketed to over 500 active fraudulent schemes uncovered.
Scammers Leverage Lack of Crypto Trading Knowledge
Many victims do not thoroughly understand how legitimate cryptocurrency trading and decentralized finance works. This makes the social engineering tactics highly effective for luring in targets.
Even after losing money in the pools, the scammers often convince victims to invest more funds, claiming it is needed to “recover losses.” This persistence was seen with Frank. The fraudster “Vivian” continued reaching out to him weeks later using emotional manipulation to get more money.
Caution and Awareness Key to Avoid Falling Victim
With cryptocurrencies largely unregulated, education is key to avoid falling victim to these schemes. Sophos advises exercising caution with anyone suddenly befriending you online and aggressively pushing crypto investments. Reporting scams to law enforcement can help put a stop to the criminal operations.
For more about the rise of liquidity mining scams in “Latest Evolution of ‘Pig Butchering’ Scam Lures Victim in Fake Mining Scheme,” go to Sophos.com.
