This episode unveils the chilling reality of a counterfeit crypto app on the Apple App Store and the shocking mass extortion by Incognito Market. Discover the cunning world of “wallet drainers,” the fallout of an audacious exit scam, and the stark reminder of the darknet’s treacherous terrain. For anyone intrigued by the intersections of cybersecurity, digital ethics, and the ever-evolving landscape of online threats, this narrative is a must-listen.
Original Articles:
- The Case of the Counterfeit Crypto Keeper: https://www.bleepingcomputer.com/news/security/fake-leather-wallet-app-on-apple-app-store-is-a-crypto-drainer/
- The Incognito Market Meltdown: https://krebsonsecurity.com/2024/03/incognito-darknet-market-mass-extorts-buyers-sellers/
Thanks to Jered Jones for providing the music for this episode. https://www.jeredjones.com/
Logo Design by https://www.zackgraber.com/
Tags: crypto heists, digital deception, Apple App Store scams, wallet drainers, darknet markets, Incognito Market, extortion tactics, cybersecurity, cryptocurrency scams, online security, digital ethics
Search Phrases:
- How to avoid crypto scams on the Apple App Store
- What are wallet drainers and how do they work
- Latest news on darknet market scams
- Understanding extortion tactics in cybersecurity
- Incognito Market exit scam and extortion scheme
- Tips for enhancing online security and avoiding scams
- Cryptocurrency scams and how to protect yourself
- The impact of digital deception on cybersecurity
- Exploring the ethics of digital practices and security measures
- Navigating the complexities of cryptocurrency and darknet markets
Transcript:
Mar 12
[00:00:00] announcer: Welcome to The Daily Decrypt, the go to podcast for all things cyber security. Get ready to decrypt the complexities of cyber safety and stay informed. Stand at the frontier of cyber security news, where every insight is a key to unlocking the mysteries of the digital domain. Your voyage through the cyber news vortex starts now.
[00:00:29] offsetkeyz: All right.
Welcome back today, we’re untangling the web of a counterfeit crypto app. Mimicking leather wallet. That’s picking pockets in the virtual vault of the apple store. Oh, and when you thought your digital dealings were dark enough, incognito market decides to exit stage left with a grand finale. That turns extortion. Into an art form.
[00:00:52] transition: Thanks for watching!
[00:00:58] offsetkeyz: Red leather wallet, yellow, [00:01:00] leather wallet, red leather wallet, yellow leather wallet. All right.
So let’s dive into the case of the counterfeit crypto keeper.
There was a new up and coming crypto wallet, service named. Leather wallet. That though is a real.
Website and can really store cryptocurrencies. They do not have an app on the apple store.
They’re developers have tweeted. They have sent out emails.
They’ve let their users know that there is no app on the apple store at this time yet. There is an app. Named leather wallet on the apple store.
So as you might have guessed, this app is a counterfeit app that is just trying to get your real cryptocurrency out of the real leather wallet.
Service.
This counterfeit app is one of many. What’s known as. Wallet drainer apps. There are malicious applications or scripts that deceive users into entering their secret passphrases or executing harmful transactions. These apps allow attackers to steal digital [00:02:00] assets, including cryptocurrencies and NFTs from users, wallets. This past year, we’ve seen a significant increase in crypto drainers. With the tackers hacking social media accounts with large followings.
In order to promote fishing sites or taking out ads to direct users, to malicious sites.
So if you are a user, a customer of leather wallet, And you have entered your passphrase into the fake app? Well, any app because the company doesn’t have an app.
The company is advising you to transfer your cryptocurrency to a new wallet as soon as possible.
The real leather wallets website is just leather.io.
So make sure that any apps you download in the future are from that website directly.
The fraudulent app still remains available on the app store as of today. And it was last reported as still active, published under Leetal calm Ru. So a jumble of characters. And has a 4.9 rating. Uh, though, most of the reviews seem to be fake.
[00:03:00] Um, it’s pretty impressive that these scammers have gotten these apps onto the apple app store.
I mean, there’s tons of apps. That’s, it’s hard to review them all. But apple usually has a good reputation for reviewing these.
I’d love to see a specific policy at apple for any sort of banking or.
Cryptocurrency, app’s going through a little extra scrutiny. Perhaps reaching out to the official company before approving the app.
I know cryptocurrency is becoming more and more consumer, but.
The best practice here is to navigate to the website. That you. Have your cryptocurrency in make sure it’s the actual website.
Like I mentioned before. These scammers can purchase Google ad space and advertise a fake website that would link you to their app. So make sure it’s not an advertisement for the website. Make sure it’s the real website.
And find the download links there. I know that it adds an extra step. From just.
Searching the app store for the name, but. The stakes are pretty high with [00:04:00] your cryptocurrency.
[00:04:06] offsetkeyz: Our second story comes from Krebs on security, and it is a story about betrayal. Blackmail. And the digital underworld that could send shivers down your spine. All right. So there is a market on the dark web, and if you haven’t heard my talk on the dark web, it was released last Sunday, live talk. That should give you some context for this.
There is a market called the incognito market.
Which is a notorious dark net narcotics. Bizarre. Known for its anonymity and a thriving underground marketplace.
Having built up a rapport with the criminals and drug dealers of the dark web, the incognito market has started. Extorting, both its buyers and its vendors threatening to release their cryptocurrency transaction details in chat records. Unless they PFE ranging from $100 to $20,000.
This [00:05:00] extortion is following. What’s called an exit scam that recently took place on the incognito market, where the users of this market found themselves unable to withdraw millions of dollars worth of funds.
Which indicates that this platform shut down very abruptly.
Now they’ve released this blackmail message on the home page that warns users. Of the impending release of 557,000 orders and 862,000 cryptocurrency transaction IDs. Unless they comply with the extortion demands. So obviously this market is done for. Their reputation is completely tarnished. They will never come back. But they’re trying to take down everybody with them.
This is one of the risks of the dark web and doing illegal things there. Because once you start dealing in illegal trades, You have something that you want to keep private and they know that something.
And anything you want to keep secret can be extorted.
Brett Johnson, a reformed cybercriminal comments that all darknet markets eventually end in [00:06:00] exit scams or law enforcement shutdowns. Which is highlighting a pattern of unreliability and deceit inherit. To such platforms. Knowing that every marketplace will end in either. An exit scam or law enforcement, neither of which are appealing.
Yet, they still give their money to these markets and do their business there. It tells me yes, that the reward outweighs the risk.
But it is a slight defender when that we need to lean in on. On this inconsistency.
And we got to keep going. We got to keep disrupting these markets.
And that’s all we have for the day. Thanks so much for listening. We hope you enjoyed this shorter episode.
[00:06:44] offsetkeyz: And we will be back tomorrow. With some more news. [00:07:00]