恶意软件
5,278 views
2 Discussing
Hot
Latest
See original
🚨 Warning! New Cryptocurrency Scam Invades Social Media
Scammers have recently come up with new tricks, pretending to be cryptocurrency moguls and luring newcomers to join their Telegram groups with fake X accounts on social media.
They usually comment under legitimate posts, disguising themselves as if they possess exclusive investment secrets. Once you are attracted to join the group, you will encounter a bot named OfficiaISafeguardBot, which will prompt you to undergo so-called verification steps.
This bot will create a sense of urgency, pushing you to complete the verification quickly. But be careful, this is actually a trap! Once you complete the verification, the bot will secretly inject malicious code into your clipboard, which, when executed, will download malware that can damage your system and steal your cryptocurrency wallet information!
Scam Sniffer reminds everyone that this malware has been flagged as harmful by VirusTotal, and previous similar attacks have led to the theft of private keys, resulting in significant financial losses. This is no longer just simple phishing; scammers are now combining social engineering with malware, making their tactics more cunning!
Last month, Casa's CEO Nick Neuman also shared his experience with a phishing scam. The scammer pretended to be a support agent from Coinbase, calling him to say that his password change request had been canceled and asking him to click a link in a suspicious email.
Additionally, a cryptocurrency user named "LeftsideEmiri" reported losing $300,000 due to a social engineering attack! The attack started when he received a message containing a link, which he thought was for a partner meeting on KakaoTalk, but when he clicked it, he fell victim.
In summary, in the world of cryptocurrency, scammers' tactics have surpassed traditional phishing methods, as they now employ a combination of social engineering and malware, making their scams more devious and harder to detect.
We remind everyone to stay vigilant and not to act rashly in the face of suspicious situations. Share this warning to help protect our cryptocurrency assets!
💬 Have you or anyone you know ever encountered similar cryptocurrency scams? Do you have any tips or advice for identifying and preventing these new types of cryptocurrency scams?
#加密货币骗局 #社交媒体诈骗 #Telegram陷阱 #恶意软件
Scammers have recently come up with new tricks, pretending to be cryptocurrency moguls and luring newcomers to join their Telegram groups with fake X accounts on social media.
They usually comment under legitimate posts, disguising themselves as if they possess exclusive investment secrets. Once you are attracted to join the group, you will encounter a bot named OfficiaISafeguardBot, which will prompt you to undergo so-called verification steps.
This bot will create a sense of urgency, pushing you to complete the verification quickly. But be careful, this is actually a trap! Once you complete the verification, the bot will secretly inject malicious code into your clipboard, which, when executed, will download malware that can damage your system and steal your cryptocurrency wallet information!
Scam Sniffer reminds everyone that this malware has been flagged as harmful by VirusTotal, and previous similar attacks have led to the theft of private keys, resulting in significant financial losses. This is no longer just simple phishing; scammers are now combining social engineering with malware, making their tactics more cunning!
Last month, Casa's CEO Nick Neuman also shared his experience with a phishing scam. The scammer pretended to be a support agent from Coinbase, calling him to say that his password change request had been canceled and asking him to click a link in a suspicious email.
Additionally, a cryptocurrency user named "LeftsideEmiri" reported losing $300,000 due to a social engineering attack! The attack started when he received a message containing a link, which he thought was for a partner meeting on KakaoTalk, but when he clicked it, he fell victim.
In summary, in the world of cryptocurrency, scammers' tactics have surpassed traditional phishing methods, as they now employ a combination of social engineering and malware, making their scams more devious and harder to detect.
We remind everyone to stay vigilant and not to act rashly in the face of suspicious situations. Share this warning to help protect our cryptocurrency assets!
💬 Have you or anyone you know ever encountered similar cryptocurrency scams? Do you have any tips or advice for identifying and preventing these new types of cryptocurrency scams?
#加密货币骗局 #社交媒体诈骗 #Telegram陷阱 #恶意软件
See original
Microsoft Discovers New Malware StilachiRAT, Cryptocurrency Wallet Extensions Face Security Threats
Microsoft recently revealed a new type of Remote Access Trojan (RAT) named StilachiRAT, specifically targeting cryptocurrency wallet extensions in the Chrome browser to steal user data and crypto assets.
Source: Microsoft official website
Since November 2024, security has been investigating the source of this malware and has warned that it poses a significant threat to the asset security of cryptocurrency holders.
Logic of malware operation
Reports indicate that StilachiRAT is capable of extracting credentials stored in browsers, scanning devices for cryptocurrency wallet extensions, and intercepting sensitive information such as private keys and passwords. This malware specifically targets at least 20 cryptocurrency wallets for malicious attacks, including Bitget Wallet, Trust Wallet, Coinbase Wallet, MetaMask, TronLink, BNB Chain Wallet, and OKX Wallet. Once deployed, it can steal stored digital assets by accessing clipboard data and extracting private credentials.
Source: Microsoft official website
Since November 2024, security has been investigating the source of this malware and has warned that it poses a significant threat to the asset security of cryptocurrency holders.
Logic of malware operation
Reports indicate that StilachiRAT is capable of extracting credentials stored in browsers, scanning devices for cryptocurrency wallet extensions, and intercepting sensitive information such as private keys and passwords. This malware specifically targets at least 20 cryptocurrency wallets for malicious attacks, including Bitget Wallet, Trust Wallet, Coinbase Wallet, MetaMask, TronLink, BNB Chain Wallet, and OKX Wallet. Once deployed, it can steal stored digital assets by accessing clipboard data and extracting private credentials.
Login to explore more contents