Emma Okonji
Sophos, a global leader in cybersecurity innovation and delivery as a service, has revealed how sha zhu pan fraudsters carrying out elaborate romance-based cryptocurrency scams are taking advantage of a cybercrime-like business model called โas a serviceโ by selling kits. of sha zhu pan on the dark web, thus expanding globally to new markets.
Sophos details these advanced sha zhu pan (aka pig slaughter) operations in their article, โCryptocurrency Scams Metastasise into New Forms.โ
Giving details about the fraud, Sophos senior threat researcher Sean Gallagher said: โWhen pig slaughter first emerged during the COVID pandemic, the technical aspects of the scams were still relatively primitive and required a lot of effort. and guidance for successful scam victims. Now, as scams have become more successful and scammers have perfected their techniques, we are seeing a similar evolution to what we have seen with ransomware and other types of cybercrime in the past, which is the creation of a ' as-a-service model. Hog slaughter networks are creating ready-made DeFi application kits, which other cybercriminals can purchase on the dark web. As a result, new pig slaughter rings that are not affiliated with Chinese organized crime groups are emerging in areas such as Thailand, West Africa, and even the United States.
โAs with other types of commercialized cybercrime, these kits lower the barriers to entry for cybercriminals interested in pig slaughter and greatly expand the pool of victims. โLast year, pig slaughter was already a multi-million dollar fraud phenomenon and the problem is likely to grow exponentially this year.โ
Sophos X-Ops has been following the evolution of pig slaughter systems for two years. Early iterations, dubbed by Sophos as 'CryptoRom' scams, involved connecting with potential victims on dating apps and then convincing them to download fraudulent crypto trading apps from third-party sources.
In 2022, scammers continued to refine their operations, this time finding ways to bypass app store review processes to get their fraudulent apps into the legitimate App Store and Google Play Store. This was also the year a new scam pattern emerged: fake cryptocurrency trading groups (liquidity mining).
