Phishing Attack on friend.tech Revealed
SlowMist has uncovered a sophisticated phishing attack on friend.tech, where scammers utilized fake interviews and malicious scripts to target users. The attackers sent a link containing a malicious JavaScript script, tricking users into adding it as a bookmark for future malicious activities.
The investigation found that the attacker posed as a journalist from a reputable news agency and had over ten thousand followers on Twitter. They targeted key opinion leaders and followed the same people as the victims, creating a sense of community. After scheduling interviews, the attacker offered to join on Telegram and provided an interview plan, ultimately leading victims to open a phishing link.
Although it is unclear how much cryptocurrency was stolen or how many users were affected, experts urge vigilance and caution regarding suspicious content and links.
The CoinsPaid Security Breach
In July, a programmer from CoinsPaid fell victim to a phishing attack after being lured by a lucrative job offer through LinkedIn. During an interview, he was asked to upload a file for a technical test, which led to unusual withdrawals from the company’s accounts totaling $37 million.
Hot Take: Beware of Phishing Attacks
Crypto users must remain cautious and avoid falling victim to phishing attacks by refraining from clicking unknown links, learning to identify phishing attempts, and maintaining skepticism when prompted for authorization or password input.
By
By
By
By
By
By