Characterizing Cryptocurrency Exchange Scams

03/16/2020
by   Pengcheng Xia, et al.
0

As the indispensable trading platforms of the ecosystem, hundreds of cryptocurrency exchanges are emerging to facilitate the trading of digital assets. While, it also attracts the attentions of attackers. A number of scam attacks were reported targeting cryptocurrency exchanges, leading to a huge mount of financial loss. However, no previous work in our research community has systematically studied this problem. In this paper, we make the first effort to identify and characterize the cryptocurrency exchange scams. We first identify over 1,500 scam domains and over 300 fake apps, by collecting existing reports and using typosquatting generation techniques. Then we investigate the relationship between them, and identify 94 scam domain families and 30 fake app families. We further characterize the impacts of such scams, and reveal that these scams have incurred financial loss of 520k US dollars at least. We further observe that the fake apps have been sneaked to major app markets (including Google Play) to infect unsuspicious users. Our findings demonstrate the urgency to identify and prevent cryptocurrency exchange scams. To facilitate future research, we have publicly released all the identified scam domains and fake apps to the community.

READ FULL TEXT

page 4

page 8

research
06/11/2020

DEPOSafe: Demystifying the Fake Deposit Vulnerability in Ethereum Smart Contracts

Cryptocurrency has seen an explosive growth in recent years, thanks to t...
research
05/29/2020

Beyond the Virus: A First Look at Coronavirus-themed Mobile Malware

As the COVID-19 pandemic emerges in early 2020, a number of campaigns ha...
research
06/10/2021

Lifting The Grey Curtain: A First Look at the Ecosystem of CULPRITWARE

Mobile apps are extensively involved in cyber-crimes. Some apps are malw...
research
11/19/2021

RacketStore: Measurements of ASO Deception in Google Play via Mobile and App Usage

Online app search optimization (ASO) platforms that provide bulk install...
research
02/02/2019

A Large-scale Empirical Study on Industrial Fake Apps

While there have been various studies towards Android apps and their dev...
research
09/15/2017

AndroZoo++: Collecting Millions of Android Apps and Their Metadata for the Research Community

We present a growing collection of Android apps collected from several s...
research
03/02/2019

Clicktok: Click Fraud Detection using Traffic Analysis

Advertising is a primary means for revenue generation for millions of we...

Please sign up or login with your details

Forgot password? Click here to reset