A mass cryptocurrency heist has been discovered, with over 13,000 users falling victim to a rogue app called BOM. The app deceived users into granting access to their photo library and local storage, where it scanned for wallet mnemonic phrases or private keys. The stolen funds total over $1.82 million and were transferred across different blockchains to hide the attackers' actions. The app was built with the UniApp cross-platform framework and disguised its true purpose by asking for permission to access photos and files. The stolen data was uploaded to a remote server managed by the attackers. The thieves made profits by exchanging tokens on PancakeSwap and other platforms. The Ethereum network suffered the most loss, followed by BSC, Polygon, Arbitrum, and Base.



Other News from Today