Sophos, a cybersecurity firm, recently uncovered a trend in cryptocurrency fraud known as “sha zhu pan (pig butchering)” scams, where scammers exploit romantic connections to deceive victims into fraudulent investments.
According to Sophos, these scams, originating from organized crime groups in China, have evolved into sophisticated operations, resembling cybercrime “as-a-service” models. The scammers now sell sha zhu pan kits on the dark web, facilitating the expansion of these schemes globally.
The kits enable criminals to execute a specific fraud called “DeFi savings,” presenting it as a passive investment opportunity similar to traditional money market accounts. Victims, often unfamiliar with cryptocurrencies, are misled into connecting their wallets to a supposed brokerage account, expecting substantial returns. However, they unknowingly contribute their funds to a fraudulent trading pool, which the scammers exploit.
READ:
CryptoRom scammers target Twitter, SMS users — Sophos
Fake CryptoRom apps bypass Apple security — Sophos
“When pig butchering first appeared during the time of the COVID pandemic, the technical aspects of the scams were still relatively primitive and required a lot of effort and guidance to successfully scam victims,” said Sean Gallagher, principal threat researcher, Sophos.
Large-scale pig butchering rings
He explained that as the scams have become more successful and the fraudsters have refined their techniques, Sophos is seeing a similar evolution with ransomware and other types of cybercrime in the past: the creation of an as-a-service model.
Sophos has monitored the evolution of these schemes for two years, witnessing their transformation from initial CryptoRom scams on dating apps to sophisticated operations infiltrating legitimate app stores. In 2023, the company uncovered large-scale pig butchering rings in Hong Kong and Cambodia, utilizing artificial intelligence (AI) and fake personas to deceive victims and steal millions.
Recent investigations by Sophos revealed a surge in DeFi savings schemes, where scammers exploit legitimate cryptocurrency apps to directly access victims’ wallets, complicating law enforcement efforts to track stolen funds. Gallagher emphasized the heightened risk posed by these schemes, as scammers exploit the complexity of cryptocurrency trading and exploit trusted brands to deceive victims.
The proliferation of sha zhu pan scams underscores the importance of awareness and vigilance in combating cryptocurrency fraud. As scammers adapt and refine their tactics, individuals must stay informed to recognize and avoid falling victim to these increasingly sophisticated schemes.