Threat actors creating fake play-to-earn gaming apps to steal cryptocurrency warns FBI

Cybercriminals are using custom-created gaming apps which promise financial rewards to entice users into creating a cryptocurrency wallet, purchasing cryptocurrency, and joining a specific game app, to steal millions of dollars in cryptocurrency, the FBI said in a public service announcement.

The apps advertised as play-to-earn games offer a financial incentive to players in the form of fake rewards accumulating in the app. When users stop depositing funds in the wallets linked to the app, criminals syphon off the money using a malicious program. This program is triggered unknowingly when victims join the game, the announcement said.

Criminals then ask victims for a fee to reclaim the funds, however, victims are unable to get their money back even if they pay the extra fees, the warning said.

This attack model is executed using social engineering schemes through which attackers contact victims online and build a relationship with them over time to entice them into downloading fake apps.

(For top technology news of the day, subscribe to our tech newsletter Today’s Cache)

The FBI has advised users to create unique wallets to isolate primary cryptocurrency holdings which ensure their safety in case illicit actors access gaming wallets.

Additionally, users are advised to use a third-party blockchain explorer to independently check balances of the addresses in gaming wallets and periodically use a third-party token allowance checker to help them see which sites or apps have been permitted to access funds in users’ wallets.

Earlier in February, a report from Sophos cybersecurity shared that cybercriminals operating crypto scam apps had found a way to add fraudulent apps on Apple and Google’s official app store to execute “pig butchering” scams.

And while earlier the scam was deployed from outside official app stores, scammers were using remote content to provide codes allowing fraudulent apps to appear legitimate to app store reviewers. When approved, the apps would change the code to deliver a fake CryptoRom trading interface.