Crypto Investigator SlowMist Uncovers Cosine Attackers Using WeChat to Hijack Chinese User Accounts for Crypto Scam

💠 Attackers hijack WeChat accounts using leaked passwords and social engineering to steal crypto from OTC traders.
💠 Scams occur late at night, leveraging trust between contacts to bypass security and request verification codes.
💠 SlowMist urges users to update passwords, limit unknown contacts, and stay alert to suspicious login activity.


Pardon Joshua

Cybersecurity firm SlowMist has exposed a new and sophisticated scam in which attackers hijack WeChat accounts to defraud Chinese cryptocurrency users. 

The firm’s founder, Yu Xian, confirmed that WeChat hacking is a verified threat. 

Attackers exploit leaked account credentials and social engineering tactics to breach accounts, particularly targeting users involved in over-the-counter (OTC) crypto trading. 

By leveraging previously leaked passwords and reaching out to the target’s frequently contacted WeChat friends, the scammers obtain the necessary 6-digit verification codes to gain control of user accounts, often during late-night hours when victims are asleep and less likely to respond to security warnings.

Attackers Use Familiar Contacts to Bypass Security, Exploiting Trust

Yu Xian explained that the scam doesn’t require close relationships between the victim and their contacts, merely that they’ve been added on WeChat and had some interaction, even minimal communication in a group chat.

Once the attacker has the victim’s login credentials, they impersonate the user and request verification codes from these contacts under false pretenses. 

Because many users don’t maintain strong password hygiene and often overlook risk alerts, this method of deception is highly effective. 

The approach bypasses traditional security expectations and exploits trust-based features in messaging platforms like WeChat, making it a particularly dangerous tactic in the context of financial fraud.


Focused Attacks on the Crypto Community Through OTC Scams

The fraudsters behind these attacks are primarily targeting users engaged in OTC crypto transactions, a popular but less-regulated way of trading digital assets. 

These peer-to-peer deals often occur through private messaging apps like WeChat, making them an ideal target for this type of scam. 

By launching these attacks late at night, scammers increase the odds that their malicious activity will go undetected until it’s too late. 

Victims have reported significant financial losses, highlighting the need for better safeguards and vigilance among crypto users, particularly those using mobile apps for trading and communication.


SlowMist Warns Users to Stay Vigilant and Strengthen Account Security

In response to the rising number of account takeovers, Yu Xian urges users to immediately update their passwords, limit the number of unfamiliar contacts on WeChat, and pay close attention to abnormal login notifications or risk alerts from the platform.

He stresses that users should not ignore such warnings, especially at night, when attackers tend to “close the net.” 

The investigation by SlowMist shows the importance of proactive digital hygiene and raises urgent concerns about how social connections and leaked data can be exploited to orchestrate scams in the crypto space.

Broader Pattern of Scams Uncovered by SlowMist Raises Alarm

This WeChat scam is the latest in a series of alarming discoveries by SlowMist, highlighting ongoing vulnerabilities across the cryptocurrency ecosystem. 

The firm recently exposed a critical flaw in Meta Pool’s deposit function, which could allow unchecked token minting and economic disruption. 

Separately, it flagged suspicious transactions on the Nexo platform, prompting calls for user caution. 

SlowMist also warned the public about a resurgence in the ‘Fake Ledger’ hardware wallet scam, where counterfeit devices were shipped to unsuspecting users with pre-filled mnemonic phrases to steal their assets. 

These repeated findings underscore the importance of continuous cybersecurity monitoring and user education as crypto scams grow more creative and damaging.

