Cybertrace investigators are issuing an urgent alert for fake crypto mining scams targeting MetaMask, TrustWallet and Electrum wallet owners. Luring innocent victims with their siren song of easy profits, the fake crypto mining scam artists instead steal their coins. Unfortunately, they do this by cunningly exploiting a well-known loophole to empty self-custodial crypto wallets (those not hosted by an exchange). Users of MetaMask, TrustWallet and Electrum wallets beware: fake crypto mining scams are out to get you! Read on and learn how they do it, so you can protect yourself. And if the scammers already got you – don’t despair! Instead, contact Cybertrace today to discuss how we can help you.
What is Crypto Mining?
Before we come to fake crypto mining scams’ impact on MetaMask, TrustWallet and Electrum wallet owners, though, let’s consider what legitimate crypto mining looks like. Basically, mining Bitcoin, Ethereum, and other cryptocurrencies means creating new coins and verifying transactions as new blocks on the blockchain. Miners do this by using powerful computers to compete in solving extremely complex maths problems that verify blockchain transactions. Unfortunately, crypto mining requires powerful, expensive, and energy-intensive computer hardware, making it difficult for most people to join in. In response, some fortune seekers have combined forces in mining pools. As the name suggests, these miners cooperate by pooling computing resources and sharing rewards (new coins). Unfortunately, fake crypto mining scam artists can also use fake mining pools as bait for their dirty deeds.
What kinds of cryptocurrency scams are out there?
While there are many different types of crypto scams in general, most concern fake trading platforms. Usually, these involve scammers convincing victims to “invest” (more and more) money, believing they are making incredible “profits”. While they “see” rising profits on a fake app/desktop dashboard, the scammers encourage them to plough in more and more. Needless to say, there is no “investment” – the victim’s money is going straight into the fraudster’s pocket! Unfortunately, that’s not even all that scammers have in store. Indeed, many have moved into the fake crypto mining scam space where they’re targeting MetaMask, TrustWallet, and Electrum wallet owners.
How Does a Fake Crypto Mining Scam work?
Cybertrace investigators have identified a growing number of fake crypto mining scams, many involving fake mining pools. Sadly, they all follow a similar playbook. First, fake crypto mining scam artists target potential victims via fake social media ads and through romance baiting. This term refers to scammers connecting with victims on dating apps and then baiting them with great-sounding investment opportunities. Acting on either trust and/or FOMO (fear of missing out), victims then engage with a fake crypto mining scam website. In order to join the fake crypto mining scam pool, victims must first “invest” their own funds. However great the promised returns are, victims never see a cent of their “invested” money again. While these kinds of scams can target anyone, owners of MetaMask, TrustWallet, and Electrum wallets are particularly at risk. That is because of a little-known function that can give scammers unlimited access to users’ tokens.
Why do Fake Crypto Mining Scams target MetaMask, TrustWallet and Electrum wallets?
Known as self-custodial wallets, MetaMask, TrustWallet and Electrum are under the direct control of their owners, rather than an exchange. Of course, that sounds great at first; after all, who doesn’t like being in control? However, it also means that all responsibility for cyber safety lies with wallet owners who might not be overly tech-savvy. Your wallet only exists on an app or a browser extension, and the company behind can’t access any of your data or help you secure it. And this is where fake crypto mining scam artists strike hard by exploiting a well-known loophole: the unlimited approval function.
What is the Unlimited Approval Function?
Because owners of MetaMask, Trust Wallet and Electrum wallets must pay transaction charges (called “gas fees”) every time they interact with a particular smart contract/decentralized app (“dApp”), many opt to use a shortcut to save on fees: the unlimited approval function. This allows a particular smart contract/dApp unlimited access to a particular coin/NFT in your wallet as per the contract’s terms. In return, the wallet owner doesn’t have to pay “gas fees” for each transaction. So long as the smart contract/dApp is legit, it’s a win-win. However, once fake crypto mining scam artists enter the picture, things get nasty quickly.
How do Fake Crypto Mining Scams Exploit the Unlimited Approval Function?
You can probably guess where this is going. The unlimited approval function in MetaMask, TrustWallet and Electrum wallets is meant to facilitate quick and cheap interactions. As is often the case, however, that very convenience can also allow scammers to walk straight through the front door. Frustratingly, they don’t even need to steal your keys or break a lock to get in! All they need is a fake dApp that you downloaded from their fake crypto mining scam pool website. It looks legit, cleverly disguises its real function, asks you for the fee-saving unlimited approval tick and, when given, proceeds to drain your wallet of all the coins you allowed it to access. All. Of. Them.
How can I Protect My MetaMask, TrustWallet and Electrum wallets from Fake Crypto Mining Scams?
Losing all your funds is devastating, especially if you have recently bought cryptocurrencies to join a mining pool. In order to prevent this from happening, as everywhere online, vigilance is key. Luckily, whether you own a MetaMask, TrustWallet or Electrum wallet, there are some easy steps to follow. First, make sure you carefully verify each dApp that asks for your permission to access coins in your wallet. Second, refuse unlimited approvals and set limits as to the maximum number of coins that a dApp can access. Finally, consider holding a diverse portfolio of coins, since malicious dApps can only access the type of coin their contract specifies, not others.
What do I if the fake crypto mining scammers already got me?
If these crooks already drained your MetaMask, TrustWallet or Electrum wallet, don’t get mad – get even! Many people falsely believe that cryptocurrencies cannot be traced; they are wrong. Cybertrace’s experienced investigators are able to trace cryptocurrencies across the blockchain, forensically analyse websites and conduct comprehensive cyber scam investigations. Our team of experts, under the leadership of Dan Halpin, has been helping innocent victims get justice for many years. As a fully accredited and well-regarded cyber fraud investigation company, we leave no stone unturned. Speak to us today to discuss your case and turn the tables on fake crypto mining scam artists.
Does jieheng.net legit mining app?
Hi John,
Our team has reached out via email.
Is xy.btbetho.cc a legit mining dapp
Hi Sam,
You can check websites using our free scam detector tool, ScamID, available through our website here: https://www.cybertrace.com.au/scamid/
I am not sure if this website is legit or not as I have been asked by someone on Telegram to use my metamask wallet to mine through this website.
What if they drain my money and how can I protect it
Please help
Thanks
Recently someone claimed they are from Binance setup what’s app group and they were shown to download Trustwallet to do a Defi Mining Pool by binance. I saw a lot of ppl is participating with large amount of money. I m not sure is legit or not. I have take screenshot etc.
Hi Carmen,
Our team has reached out via email.
Is this one a scam or is it real I am using it through onekey wallet
Hi Jason,
Our team has reached out via email.
Is this a scam?
Hi Jaimy,
Our team has reached out via email.