InfoSecBulletin Cybersecurity for mankind
Cybersecurity firm Sophos has uncovered a pig-butchering ring that managed to steal over $1 million from its victims in just three months.
Translated from Chinese as “shā zhū pán,” this intriguing term describes a captivating blend of romance and fraud, skillfully coaxing victims into investing in deceptive cryptocurrency ventures.
CVSS 10.0 Flaw
Critical flaw in Siemens OZW Web Servers Enable Unauthenticated RCE
Microsoft Patch Tuesday May 2025: 72 flaws, 5 Actively Exploited Zero-Day
OTP glitch disrupted NID services across the country
Google to pay Texas $1.4 billion for location tracking practices
YouTube geo-blocks at least 4 Bangladeshi TV channels in India
Microsoft Patches Four Critical Azure and Power Apps Vulns
Qilin Ransomware topped April 2025 with 45+ data leak disclosures
SonicWall Patches 3 Flaws in SMA 100 Devices
Top Ransomware Actively Attacking Financial Sector: 406 Incidents Disclosed
Critical (CVSS 10) Flaw in Cisco IOS XE WLCs Allows RRA
An investigation was launched by Sophos following a courageous step from one of the victims, known as “Frank,” who chose to remain anonymous to safeguard his identity.
Frank claimed that he had suffered a significant financial loss of $22,000 earlier this year. He tragically fell victim to a deceitful individual who identified themselves as a German woman named “Vivian” on the dating application MeetMe.
Sophos’ researchers found 14 domains related to a scam operation. They also discovered many similar fraudulent websites. These websites were used by a group of pig butchers to make over $1 million in three months.
For weeks, Frank and Vivian, who was actually a scammer working for the ring, had frequent communication on MeetMe. Vivian, who claimed to be a US resident, persistently blended her romantic commitments with relentless efforts to persuade Frank into investing in cryptocurrency.
From May 31st to June 5th, Frank diligently deposited funds into his Trust Wallet account. Despite being a legitimate service, the pig butchers managed to deplete the funds in just three days. According to Sophos, these scams thrive due to the unregulated environment of decentralized finance (DeFi) cryptocurrency trading applications.
Sophos says that these applications establish “liquidity pools” consisting of different cryptocurrencies, which users can utilize to execute trades between different cryptocurrencies. By participating in the pool, you are entitled to a percentage of the fees generated from each trade, which offers a truly enticing return on your investment.
However, the true test lies at the moment when the investor finalizes an online smart contract – typically granting pool operators authorization to access wallets for trade facilitation purposes.
While it’s great to have a pool that operates legitimately, unfortunately, this one did not.
Sophos stated that pig butchers are using fake pools more and more to steal funds from their targets, employing a similar modus operandi. However, unlike legitimate pools, these scammers eventually deceive others and selfishly drain the entire liquidity pool.
