Cybercriminals are adopting increasingly deceptive tactics to target crypto users, with some now posing as blockchain security companies.
Their aim is to steal assets and implicate their victims in the process, making it harder for them to seek redress.
This evolution comes amid a sharp rise in crypto-related losses. In May 2025 alone, hackers and fraudsters drained over $244 million from users, according to blockchain security firm PeckShield.
That brings total year-to-date losses to more than $2 billion, underlining just how effective these schemes have become.
Security companies impersonators
Yu Xian, founder of blockchain security firm SlowMist, raised the alarm on June 1 after exposing a list of fraudulent X (formerly Twitter) accounts.
These accounts, he said, pretend to represent trusted security services while secretly working to compromise their targets.
He added:
“These are criminal gangs that claim to be able to help users solve security issues such as wallet theft, but then cause users to suffer secondary harm.”
These fraudsters often lure victims by commenting under public threads where users report wallet thefts. They then direct them to fake signature-checking tools.
The fake tools often mimic platforms like Revoke, creating confusion and urgency among users. Even when they cross-check with legitimate services, they might still fall victim, believing the phishing tool uncovered something the others missed.
SlowMist noted that these impersonators also copy the profiles of real security experts, such as ZachXBT, to gain trust. Their strategy relies on speed, panic, and believability, leaving little room for victims to think critically.
Considering this, Xian advised:
“I hope everyone will not be robbed. If you are accidentally robbed, you must remain calm and do not trust anyone easily.”
Victims are now being framed
Beyond stealing funds, some attackers now try to implicate their victims in their illicit activities.
Xian noted that scammers sometimes plant misleading clues to make the victim appear involved in fraudulent activity. According to him, these tactics are designed to frustrate law enforcement efforts and cause additional trauma for victims.
To counter this, Xian recommended that victims publicly share their wallet addresses, either fully or partially masked. Doing so could help investigators verify ownership and prevent misidentification during probes.
The post Hackers now pose as security companies to frame victims while stealing private keys appeared first on CryptoSlate.