The best way to steal money is by piggybacking onto other thieves – that is the apparent motto of a cryptocurrency threat actor who drained hundreds of thousands of dollars’ worth of digital assets destined for scammers.
Analysts from Trend Micro dub the thief “Water Labbu” and peg its takings at 316,728 USDT filched from nine scammers so far. USDT is a stablecoin whose value is pegged to the U.S. dollar.
Water Labbu targets fraudulent decentralized applications created by scammers who entice victims into investing in a cryptocurrency mining scheme. Websites of the fraudulent decentralized application, to which victims connect their digital wallets, are infested with malicious scripts that allow Water Labbu access to the wallets.
At least 45 fraudulent, cryptocurrency-related DApp websites promising risk-free income through liquidity mining contain Water Labbu code, Trend Micro says. The threat actor injects malicious JavaScript that, in turn, loads another script that delivers different content based on the victim’s IP address and browser type.