
Singapore Entrepreneur Suffers Heavy Crypto Losses from Malware Disguised as Gaming Scam


Cryptocurrency Enthusiast Loses Over $100,000 to Malware Attack

A cryptocurrency enthusiast and entrepreneur from Singapore has reportedly lost a staggering sum exceeding $100,000 due to a malware attack disguised as a fake gaming beta test. Mark Koh, who leads RektSurvivor—a support network for victims of crypto scams—shared his harrowing experience both in an interview with Lianhe Zaobao and through a post on LinkedIn.

Details of the Attack

On December 5, Koh encountered what he believed to be a legitimate beta testing opportunity for an online game named MetaToy via Telegram. With his extensive background in Web3 projects, he was drawn in by the polished appearance of MetaToy’s online presence, including its website and Discord community, coupled with prompt responses from the team.

However, after Koh downloaded the game launcher, his computer was compromised with malware. Although his Norton antivirus software detected unusual activity and he took various precautionary measures, such as conducting thorough system scans, removing suspicious files, and even reinstalling Windows 11, these steps were futile. Within just 24 hours, Koh’s crypto wallet, linked to Rabby and Phantom browser extensions, was completely emptied, with losses totaling $14,189 (roughly 100,000 yuan) that he had amassed over eight years.

“I never even accessed my wallet app directly. I used distinct seed phrases, and no information was stored digitally,” Koh revealed to Decrypt.

He suspects that the attack involved a complex scheme, including identity token theft and a previously identified Google Chrome vulnerability that was reported in September, allowing hackers to execute harmful code.

Koh further explained that his antivirus system had thwarted attempts to exploit two dynamic link libraries (DLLs), indicating that multifaceted attack methodologies were at play.

“The malware utilized various exploit methods, including setting up a harmful scheduled task,” he remarked.

Recommendations for Enhanced Security

Given this alarming revelation, Koh emphasized the need for heightened security protocols, especially for potential targets like angel investors or game developers who may download beta software. He recommends that users remove seed phrases from online wallets when they’re not in use and suggests using private keys instead, to minimize the risk for related accounts.

Ongoing Investigation

This incident has been reported to the Singapore police, who confirmed to Lianhe Zaobao that they are investigating the matter. Koh also connected with another Singaporean victim named Daniel, who remains in communication with the scammer. The scammer is under the false impression that Daniel is still attempting to download the game launcher.

Conclusion

The MetaToy scam underscores the evolving tactics of cybercriminals, who are increasingly leveraging sophisticated techniques to distribute malware. Notably, a separate investigation by McAfee in October found that hackers have been utilizing GitHub repositories to facilitate the operation of banking malware, particularly after the shutdown of previous servers. Additionally, the rise of deceptive AI tools and fabricated Captchas aimed at distributing crypto-theft malware is notable this year, highlighting the growing landscape of online security threats.
