Crypto Hackers Pose as Security Firms in Elaborate Private Key Heists
Cybercriminals are upping their game—impersonating legitimate security companies to trick victims into surrendering private keys. It’s social engineering with a corporate mask.
How it works: Attackers mimic audit firms, wallet security services, or even regulatory bodies (looking at you, fake FSA reps). Victims get ’urgent’ alerts about compromised keys—only to hand them straight to thieves.
The irony? These scams thrive because actual crypto security is so fragmented. When every project rolls its own custody solution, users fall for the first ’official-looking’ fix. Maybe next bull run, we’ll prioritize infrastructure over memecoins.
Security companies impersonators
Yu Xian, founder of blockchain security firm SlowMist, raised the alarm on June 1 after exposing a list of fraudulent X (formerly Twitter) accounts.
These accounts, he said, pretend to represent trusted security services while secretly working to compromise their targets.
He added:
“These are criminal gangs that claim to be able to help users solve security issues such as wallet theft, but then cause users to suffer secondary harm.”
These fraudsters often lure victims by commenting under public threads where users report wallet thefts. They then direct them to fake signature-checking tools.
The fake tools often mimic platforms like Revoke, creating confusion and urgency among users. Even when they cross-check with legitimate services, they might still fall victim, believing the phishing tool uncovered something the others missed.
SlowMist noted that these impersonators also copy the profiles of real security experts, such as ZachXBT, to gain trust. Their strategy relies on speed, panic, and believability, leaving little room for victims to think critically.
Considering this, Xian advised:
“I hope everyone will not be robbed. If you are accidentally robbed, you must remain calm and do not trust anyone easily.”
Victims are now being framed
Beyond stealing funds, some attackers now try to implicate their victims in their illicit activities.
Xian noted that scammers sometimes plant misleading clues to make the victim appear involved in fraudulent activity. According to him, these tactics are designed to frustrate law enforcement efforts and cause additional trauma for victims.
To counter this, Xian recommended that victims publicly share their wallet addresses, either fully or partially masked. Doing so could help investigators verify ownership and prevent misidentification during probes.
