Earlier today we reported that Sophos, a global leader in innovating and delivering cybersecurity as a service, has revealed how sha zhu pan scammers—those conducting elaborate, romance-based cryptocurrency fraud—are leveraging a business model similar to cybercrime “as-a-service” by selling sha zhu pan kits on the dark web, globally expanding to new markets.
It is a serious security issue which your business cannot afford to neglect.
Timeline of Sophos’ Two-Year Investigation into Pig Butchering
2021
- Sophos X-Ops spots the first “CryptoRom” fake trading apps targeting users in Asia
- Sophos X-Ops then discovers these scammers expanding their operations, targeting victims in the U.S. and Europe
2022
- Sophos X-Ops discovers more fake apps from CryptoRom scams, as well as a new workaround scammers are using so that victims can successfully download the fake apps on their iOS devices
- A new type of pig butchering scam emerges: liquidity mining
2023
- Sophos X-Ops uncovers the first fake apps for CryptoRom schemes found in the Apple App Store as scammers find ways to bypass the app store review process
- Sophos X-Ops uncovers two vast pig butchering rings operating out of Hong Kong and Cambodia. Rather than using fake apps, these scammers are now exploiting legitimate crypto trading applications, as well as building elaborate personas to hook their victims
- Sophos X-Ops finds more fake apps—and learns that pig butcherers are now adding generative AI to their toolkit
- The story of a man who lost $22,000 in a week to a pig butchering scheme leads Sophos X-Ops to a vast liquidity mining scam operation being run by three different Chinese organized crime rings
2024
- Sophos X-Ops uncovers the most technically sophisticated pig butchering scheme yet—“DeFi savings” scams. These schemes and other crypto-based scam operations are for sale as kits, leading to pig butchering rings popping up in new areas of the world
Tips to Avoid Falling Prey to Pig Butchering
To avoid falling victim to a pig butchering scam, Sophos recommends the following:
- Be skeptical of strangers that reach out via social networking sites like Facebook or texts, especially if they want to quickly move the conversation to a private messenger like WhatsApp
- This also applies for new matches on dating applications—especially if the stranger begins talking about trading in crypto
- Always be weary of any “get rich quick” scheme or cryptocurrency investment opportunity that promises large returns in a short amount of time
- Be familiar with the lures and tactics of romance scams and investment scams. Non-profits like the Cybercrime Support Network have resources that can help
- Anyone who believes they have fallen victim to a pig butchering scam should immediately withdraw any funds from any affected wallet and contact law enforcement.
Comments 2