phishing
83,405 views
38 Discussing
Hot
Latest
๐๐๐ง๐ญ๐ ๐
๐จ๐ฎ๐ง๐๐๐ซ ๐๐๐ซ๐ ๐๐ญ๐๐ ๐ข๐ง ๐
๐๐ค๐ ๐๐จ๐จ๐ฆ ๐๐๐ฅ๐ฅ ๐๐๐๐ค โ ๐๐ฅ๐ฅ๐๐ ๐๐ ๐๐๐ณ๐๐ซ๐ฎ๐ฌ ๐๐ญ๐ญ๐๐๐ค
A hacker impersonated a team member on Zoom and asked the Manta founder to download a fake file โ it nearly worked.
โค What happened?
According to the Cointelegraph news, Manta Network co-founder Kenny Li says he was nearly hacked during a Zoom meeting where the attacker used a real-looking video of someone he knew โ but there was no sound.
Then came the trick:
The call said โZoom needs an updateโ and asked him to download a script file.
He left immediately and later realized it was a phishing attack.
โค Who was behind it?
Li believes it was a Lazarus Group operation โ a notorious North Korean hacker group targeting crypto teams.
โIt wasnโt AI โ it looked like real footage from a webcam.โ
โ Kenny Li
The hacker refused to verify their identity over Telegram, erased the chat, and blocked him after being questioned.
โค Why this is dangerous:
The Zoom video used real faces of known team members
The hacker asked to download malware disguised as a Zoom update
It looked very real โ enough to trick busy Web3 founders
โค Others reported the same attack:
โThey sent a fake Zoom link and said only their version worked.โ
โWhen I offered to use Google Meet, they refused.โ
Even people who had Zoom installed were told to download a special version โ another trick.
โค Kenny Liโs warning:
Always be suspicious when someone asks you to download anything unexpectedly.
โIf you must download something to continue a meeting, donโt do it. Thatโs your biggest red flag.โ
Stay alert, Web3 fam โ this attack was nearly perfect.
Fake Zoom calls might be the new weapon of crypto hackers.
#Manta #Phishing
$BTC
A hacker impersonated a team member on Zoom and asked the Manta founder to download a fake file โ it nearly worked.
โค What happened?
According to the Cointelegraph news, Manta Network co-founder Kenny Li says he was nearly hacked during a Zoom meeting where the attacker used a real-looking video of someone he knew โ but there was no sound.
Then came the trick:
The call said โZoom needs an updateโ and asked him to download a script file.
He left immediately and later realized it was a phishing attack.
โค Who was behind it?
Li believes it was a Lazarus Group operation โ a notorious North Korean hacker group targeting crypto teams.
โIt wasnโt AI โ it looked like real footage from a webcam.โ
โ Kenny Li
The hacker refused to verify their identity over Telegram, erased the chat, and blocked him after being questioned.
โค Why this is dangerous:
The Zoom video used real faces of known team members
The hacker asked to download malware disguised as a Zoom update
It looked very real โ enough to trick busy Web3 founders
โค Others reported the same attack:
โThey sent a fake Zoom link and said only their version worked.โ
โWhen I offered to use Google Meet, they refused.โ
Even people who had Zoom installed were told to download a special version โ another trick.
โค Kenny Liโs warning:
Always be suspicious when someone asks you to download anything unexpectedly.
โIf you must download something to continue a meeting, donโt do it. Thatโs your biggest red flag.โ
Stay alert, Web3 fam โ this attack was nearly perfect.
Fake Zoom calls might be the new weapon of crypto hackers.
#Manta #Phishing
$BTC
๐จ ALERT: ENS founder Nick Johnson warns of an "extremely sophisticated" Google phishing scam targeting users with fake subpoena notices. ๐
โ ๏ธ The emails pass DKIM checks and appear as legit Gmail security alerts.
๐ฉ Stay sharp โ even your inbox isnโt safe.
#Phishing #Crypto #CyberSecurity #ENS #Web3
โ ๏ธ The emails pass DKIM checks and appear as legit Gmail security alerts.
๐ฉ Stay sharp โ even your inbox isnโt safe.
#Phishing #Crypto #CyberSecurity #ENS #Web3
BE EXTREMELY CAUTIOUS of deceptive posts, announcements, or direct messages on Binance Square.
Scammers often use these tactics to trick you into clicking malicious links or simply to boost their engagement. They commonly use #phishing tactics below:
1. Fake Giveaways: Offers of free crypto or other rewards that seem too good to be true.
2. Easy Airdrops: Promises of instant, effortless airdrops requiring you to connect your wallet or provide personal information.
3. Easy Daily Earnings by " HOW I EARN 15$ in a day or 2000$ in a week" Schemes: Claims that you can earn significant amounts of crypto by simply posting.
Remember: There's no such thing as a free lunch in the crypto world. If it sounds too easy, it's likely a scam.
#BinanceCrosswords #SecureYourAssets #BinanceSafetyInsights
too good to be true
Scammers often use these tactics to trick you into clicking malicious links or simply to boost their engagement. They commonly use #phishing tactics below:
1. Fake Giveaways: Offers of free crypto or other rewards that seem too good to be true.
2. Easy Airdrops: Promises of instant, effortless airdrops requiring you to connect your wallet or provide personal information.
3. Easy Daily Earnings by " HOW I EARN 15$ in a day or 2000$ in a week" Schemes: Claims that you can earn significant amounts of crypto by simply posting.
Remember: There's no such thing as a free lunch in the crypto world. If it sounds too easy, it's likely a scam.
#BinanceCrosswords #SecureYourAssets #BinanceSafetyInsights
too good to be true
See original
๐ด Phishing is attacking: scammers are sending fake SMS messages on behalf of Binance
If you received a suspicious SMS from Binance โ don't panic, but stay alert.
A massive phishing attack on exchange users has been recorded online.
๐ What's happening:
โข Users are receiving SMS messages with alarming notifications such as:
โ "New 2FA binding detected"
โ "API connection to Ledger Live"
โข The victim is urged to urgently call a fake "support service"
โข Some messages even arrive in the same chat as real Binance notifications
โข Data leaks from Binance and Gemini users may have reached the dark web โ hence the targeted attacks
๐ก Binance has already responded:
โ The anti-phishing code now works in SMS as well, not just in email
โ The code is created by the user and will be displayed in all official messages
โ ๏ธ Impact on the crypto market โ neutral, but reputational risks and growing distrust of centralized platforms remain. And now the question: do you have the anti-phishing code enabled?
Subscribe to know where phishing is, and where it's truly ๐ด
#bitcoin #crypto #Binance #security #phishing $BNB $BTC $ETH
If you received a suspicious SMS from Binance โ don't panic, but stay alert.
A massive phishing attack on exchange users has been recorded online.
๐ What's happening:
โข Users are receiving SMS messages with alarming notifications such as:
โ "New 2FA binding detected"
โ "API connection to Ledger Live"
โข The victim is urged to urgently call a fake "support service"
โข Some messages even arrive in the same chat as real Binance notifications
โข Data leaks from Binance and Gemini users may have reached the dark web โ hence the targeted attacks
๐ก Binance has already responded:
โ The anti-phishing code now works in SMS as well, not just in email
โ The code is created by the user and will be displayed in all official messages
โ ๏ธ Impact on the crypto market โ neutral, but reputational risks and growing distrust of centralized platforms remain. And now the question: do you have the anti-phishing code enabled?
Subscribe to know where phishing is, and where it's truly ๐ด
#bitcoin #crypto #Binance #security #phishing $BNB $BTC $ETH
See original
According to security firm Web3 Scam Sniffer, over $127 million in #Criptomonedas was stolen from investors in Q3 2024, with approximately $46 million lost in September to phishing attacks.
In phishing attacks, scammers trick investors into linking their crypto wallets, such as #MetaMask , to fraudulent services. Linking crypto wallets to #phishing websites allows scammers to withdraw#cryptocurrenciesfrom users without further authentication.
In phishing attacks, scammers trick investors into linking their crypto wallets, such as #MetaMask , to fraudulent services. Linking crypto wallets to #phishing websites allows scammers to withdraw#cryptocurrenciesfrom users without further authentication.
Twenty malicious #npm packages impersonating the #Hardhat #Ethereumโ
development environment have targeted private keys and sensitive data. These packages, downloaded over 1,000 times, were uploaded by three accounts using #typosquatting techniques to trick developers. Once installed, the packages steal private keys, mnemonics, and configuration files, encrypt them with a hardcoded AES key, and send them to attackers. This exposes developers to risks like unauthorized transactions, compromised production systems, #phishing , and malicious dApps.
Mitigation tips: Developers should verify package authenticity, avoid typosquatting, inspect source code, store private keys securely, and minimize dependency usage. Using lock files and defining specific versions can also reduce risks.
$ETH
Mitigation tips: Developers should verify package authenticity, avoid typosquatting, inspect source code, store private keys securely, and minimize dependency usage. Using lock files and defining specific versions can also reduce risks.
$ETH
#PeckShieldAlert
A #phishingscam address labeled "Fake_Phishing442897," which stole $55.4M in #DAI from a whale's account, has swapped 250K $DAI for 102.6 $ETH & transferred them to a new address 0x2751...fC12
The #phishing address currently holds ~$40.5m worth of cryptos, including ~15.18K $ETH , ~2.8M $DAI & ~327.3 $stETH
A #phishingscam address labeled "Fake_Phishing442897," which stole $55.4M in #DAI from a whale's account, has swapped 250K $DAI for 102.6 $ETH & transferred them to a new address 0x2751...fC12
The #phishing address currently holds ~$40.5m worth of cryptos, including ~15.18K $ETH , ~2.8M $DAI & ~327.3 $stETH
๐จ#CyberSecurityAlert: There are now over 2,650 fake DeepSeek phishing sites, with a significant spike since Jan 26.
These sites trick users into revealing login credentials or buying virtual assets through misleading domains and interfaces.
Stay vigilant and double-check URLs! ๐ #phishing #DeepSeek #CryptoScams
These sites trick users into revealing login credentials or buying virtual assets through misleading domains and interfaces.
Stay vigilant and double-check URLs! ๐ #phishing #DeepSeek #CryptoScams
Stay #SAFU on X and other socials.
@JasonYanowitz on X narrates his #hack odeal.
I got hacked yesterday. At the risk of looking foolish, I'll share how it happened so you can avoid this nightmare. For the past few weeks, people have been trying to get into my accounts. #Crypto accounts, email, twitter, etc... every few days I get an email that someone is trying to access one of my accounts. Thankfully I have non-text #2FA set up for everything so nothing got hacked. So when I got back from dinner last night and saw this email, I panicked.
Someone in North Cyprus had finally managed to hack into my account. I guess my security wasn't strong enough and they found a loophole.
I clicked the link to "secure my account". I entered my username and password, updated to a new password, and voila: I'm back in. Crisis averted. Or so I thought. Moments later, I got an email saying my email address had been changed.
This was the real hack.
I was now officially locked out of my account. So how did this happen? It turns out the original email, which looks incredibly real, was not so real. Most email clients hide the actual address.
But when you expand it, you can see that this email was sent from "verify@x-notify.com" Fake address. I got phished. Very foolish mistake. I don't open Google Docs when they're sent to me. I don't click links. I typically check addresses. But Friday 8pm after a long week, they got me. I am aware this thread exposes a pretty dumb mistake but if I can save one person from this same mistake, it's worth it.
Some takeaways:
- Don't click links
- If you do click a link, review the actual email address
- Set up non-text 2FA on everything
- If you've done that, trust your own security process
- If you think you've been hacked, slow down and think about how this could have happened
Big thank you to @KeithGrossman and some folks at X for helping me get my account back so quickly.
If you're still reading, go read the self-audit series from @samczsun.
And this best practices from @bobbyong.
Lot more you can do but start there. #phishing
@JasonYanowitz on X narrates his #hack odeal.
I got hacked yesterday. At the risk of looking foolish, I'll share how it happened so you can avoid this nightmare. For the past few weeks, people have been trying to get into my accounts. #Crypto accounts, email, twitter, etc... every few days I get an email that someone is trying to access one of my accounts. Thankfully I have non-text #2FA set up for everything so nothing got hacked. So when I got back from dinner last night and saw this email, I panicked.
Someone in North Cyprus had finally managed to hack into my account. I guess my security wasn't strong enough and they found a loophole.
I clicked the link to "secure my account". I entered my username and password, updated to a new password, and voila: I'm back in. Crisis averted. Or so I thought. Moments later, I got an email saying my email address had been changed.
This was the real hack.
I was now officially locked out of my account. So how did this happen? It turns out the original email, which looks incredibly real, was not so real. Most email clients hide the actual address.
But when you expand it, you can see that this email was sent from "verify@x-notify.com" Fake address. I got phished. Very foolish mistake. I don't open Google Docs when they're sent to me. I don't click links. I typically check addresses. But Friday 8pm after a long week, they got me. I am aware this thread exposes a pretty dumb mistake but if I can save one person from this same mistake, it's worth it.
Some takeaways:
- Don't click links
- If you do click a link, review the actual email address
- Set up non-text 2FA on everything
- If you've done that, trust your own security process
- If you think you've been hacked, slow down and think about how this could have happened
Big thank you to @KeithGrossman and some folks at X for helping me get my account back so quickly.
If you're still reading, go read the self-audit series from @samczsun.
And this best practices from @bobbyong.
Lot more you can do but start there. #phishing
Important Update๐ฎ
Check this post before you lose your funds.
As the bull market approaches, beware of the phishing scams currently taking place in the crypto world. Many fraudsters are using this market appreciation to send phishing emails and tokens to unsuspecting investors.
โข What is a phishing scam?
Phishing scams are deceptive attempts to trick individuals into disclosing sensitive information such as usernames, passwords or financial details. These scams, usually perpetrated through fake emails, messages or websites, often impersonate legitimate organizations.
โข What you need to do to avoid becoming a victim:
Don't click on unknown links and look for red flags in incoming messages, such as unusual return addresses, typos, or requests for sensitive information.
Verify the legitimacy of requests through official channels by adding additional layers of protection, such as two-factor authentication.
Don't try to sell random tokens or NFTs that appear in your wallet.
Have a dedicated phone or PC for trading and wallet related activities.
Remember: Your generous tips โค๏ธ will empower us to share more valuable content.
#HotTrends #Write2Earn #phishing #cryptoonline
Check this post before you lose your funds.
As the bull market approaches, beware of the phishing scams currently taking place in the crypto world. Many fraudsters are using this market appreciation to send phishing emails and tokens to unsuspecting investors.
โข What is a phishing scam?
Phishing scams are deceptive attempts to trick individuals into disclosing sensitive information such as usernames, passwords or financial details. These scams, usually perpetrated through fake emails, messages or websites, often impersonate legitimate organizations.
โข What you need to do to avoid becoming a victim:
Don't click on unknown links and look for red flags in incoming messages, such as unusual return addresses, typos, or requests for sensitive information.
Verify the legitimacy of requests through official channels by adding additional layers of protection, such as two-factor authentication.
Don't try to sell random tokens or NFTs that appear in your wallet.
Have a dedicated phone or PC for trading and wallet related activities.
Remember: Your generous tips โค๏ธ will empower us to share more valuable content.
#HotTrends #Write2Earn #phishing #cryptoonline
Quoted content has been removed
See original
๐จ$7.8 Million SolvBTC Lost Due to Phishing Scam๐จ
A user has lost $7.8 million worth of SolvBTC after falling for a phishing scam. The incident, detected by Scam Sniffer, occurred within a span of 34 minutes, highlighting the security risks in the cryptocurrency world. What additional measures do you think should be implemented to protect users from these scams? ๐ค๐๐ฐ
#Criptomonedas #SeguridadOnline #Phishing
$VET $VTHO $VANRY
A user has lost $7.8 million worth of SolvBTC after falling for a phishing scam. The incident, detected by Scam Sniffer, occurred within a span of 34 minutes, highlighting the security risks in the cryptocurrency world. What additional measures do you think should be implemented to protect users from these scams? ๐ค๐๐ฐ
#Criptomonedas #SeguridadOnline #Phishing
$VET $VTHO $VANRY
#PeckShieldAlert
The #phishing address that drained 55.4M $DAI has transferred 6,958.7 $ETH (worth ~$20m) to 10 addresses
The #phishing address that drained 55.4M $DAI has transferred 6,958.7 $ETH (worth ~$20m) to 10 addresses
What an #unlucky guy!
He got 275,700 $LINK ($4.42M) stolen by a #phishing #attack .
This guy accumulated 290,750 #LINK ($2.26M) at $7.8 from #exchanges between Jun 7, 2022, and Oct 14, 2023, a profit of nearly ~$2.4M currently.
Unfortunately, he accidentally clicked on the phishing link and was deceived into signing the approval transaction.
Ultimately, he lost a profit of $2.4M and a cost of $2.26M, a total loss of $4.66M!
He got 275,700 $LINK ($4.42M) stolen by a #phishing #attack .
This guy accumulated 290,750 #LINK ($2.26M) at $7.8 from #exchanges between Jun 7, 2022, and Oct 14, 2023, a profit of nearly ~$2.4M currently.
Unfortunately, he accidentally clicked on the phishing link and was deceived into signing the approval transaction.
Ultimately, he lost a profit of $2.4M and a cost of $2.26M, a total loss of $4.66M!
๐จ Phishing Attack Alert: $11.1M Lost in Recent Exploit! ๐จ
Approximately 6 hours ago, a major phishing attack resulted in a significant loss of assets.
Details of the Exploit:
1โฃ 3,657 $MKR ($8,766,097) and 2.56M PT Ethena tokens ($2.4M) were stolen.
2โฃ The exploiter sold 3,657 MKR for 2,502 $ETH ($8,766,097), causing a 7.5% drop in the price of #MKR
3โฃ Additionally, 2.56M PT Ethena tokens were swapped for 689 ETH ($2.41M).
This incident highlights the critical importance of security in the crypto space. Always remain vigilant and take necessary precautions to protect your assets.
#Crypto #phishing #bitcoin #Binance $BNB
Approximately 6 hours ago, a major phishing attack resulted in a significant loss of assets.
Details of the Exploit:
1โฃ 3,657 $MKR ($8,766,097) and 2.56M PT Ethena tokens ($2.4M) were stolen.
2โฃ The exploiter sold 3,657 MKR for 2,502 $ETH ($8,766,097), causing a 7.5% drop in the price of #MKR
3โฃ Additionally, 2.56M PT Ethena tokens were swapped for 689 ETH ($2.41M).
This incident highlights the critical importance of security in the crypto space. Always remain vigilant and take necessary precautions to protect your assets.
#Crypto #phishing #bitcoin #Binance $BNB
Guaranteeing Privacy in Cryptocurrency with Lelantus Spark.
In a period where digital privacy is increasingly under threat, $FIRO emerges as a beacon of hope in the cryptocurrency landscape. FIRO has established itself as a top dog in blockchain privacy technology, offering users a secure and confidential means of conducting transactions.
At the heart of FIRO innovation lies Lelantus Spark, an advance privacy protocol that sets new standards in the ecosystem.
The Need for Privacy in Cryptocurrency
As the cryptocurrency market expands, so do the threats to user privacy. Phishing attacks, where malicious actors attempt to steal sensitive information by posing as legitimate entities, have become alarmingly common. These attacks often target wallets, exchanges, and even initial coin offerings, putting users' funds at risk.
In this context, privacy-focused cryptocurrencies like Firo play a crucial role in safeguarding users' financial information and transactions.
Lelantus Spark
Lelantus Spark, FIROโa advanced privacy technology, addresses these concerns head-on. This protocol offers several key advantages:
โขEnhanced Anonymity: Lelantus Spark uses a unique one-out-of-many proofs system, making it virtually impossible to trace transactions back to their source.
โขScalability: The protocol is designed to handle a high volume of transactions efficiently, ensuring that privacy doesn't come at the cost of performance.
โขUser-Friendly: Despite its complex underlying technology, Lelantus Spark is designed with user experience in mind, making privacy accessible to all.
โขAuditability: While providing strong privacy guarantees, Lelantus Spark also allows for optional auditability, striking a balance between privacy and regulatory compliance.
How Lelantus Spark Protects Against Phishing
Lelantus Spark's privacy features provide an additional layer of protection against phishing attacks. By obscuring transaction details and user identities, it significantly reduces the amount of useful information an attacker can gain, even if they manage to compromise a user's account.
The Future of Privacy with $FIRO
As digital threats evolve, so too must our defenses. FIROโs commitment to ongoing research and development ensures that Lelantus Spark will continue to adapt and improve, staying ahead of potential vulnerabilities.
As we move forward in an increasingly connected world, technologies like Lelantus Spark will play a vital role in safeguarding our right to privacy. FIRO and its Lelantus Spark technology represent a significant leap forward in cryptocurrency privacy. By addressing the critical need for secure, private transactions, Firo is not just protecting individual users โ it's helping to build a more vigorous and trustworthy cryptocurrency ecosystem for everyone.
#PrivacyMatters #phishing
At the heart of FIRO innovation lies Lelantus Spark, an advance privacy protocol that sets new standards in the ecosystem.
The Need for Privacy in Cryptocurrency
As the cryptocurrency market expands, so do the threats to user privacy. Phishing attacks, where malicious actors attempt to steal sensitive information by posing as legitimate entities, have become alarmingly common. These attacks often target wallets, exchanges, and even initial coin offerings, putting users' funds at risk.
In this context, privacy-focused cryptocurrencies like Firo play a crucial role in safeguarding users' financial information and transactions.
Lelantus Spark
Lelantus Spark, FIROโa advanced privacy technology, addresses these concerns head-on. This protocol offers several key advantages:
โขEnhanced Anonymity: Lelantus Spark uses a unique one-out-of-many proofs system, making it virtually impossible to trace transactions back to their source.
โขScalability: The protocol is designed to handle a high volume of transactions efficiently, ensuring that privacy doesn't come at the cost of performance.
โขUser-Friendly: Despite its complex underlying technology, Lelantus Spark is designed with user experience in mind, making privacy accessible to all.
โขAuditability: While providing strong privacy guarantees, Lelantus Spark also allows for optional auditability, striking a balance between privacy and regulatory compliance.
How Lelantus Spark Protects Against Phishing
Lelantus Spark's privacy features provide an additional layer of protection against phishing attacks. By obscuring transaction details and user identities, it significantly reduces the amount of useful information an attacker can gain, even if they manage to compromise a user's account.
The Future of Privacy with $FIRO
As digital threats evolve, so too must our defenses. FIROโs commitment to ongoing research and development ensures that Lelantus Spark will continue to adapt and improve, staying ahead of potential vulnerabilities.
As we move forward in an increasingly connected world, technologies like Lelantus Spark will play a vital role in safeguarding our right to privacy. FIRO and its Lelantus Spark technology represent a significant leap forward in cryptocurrency privacy. By addressing the critical need for secure, private transactions, Firo is not just protecting individual users โ it's helping to build a more vigorous and trustworthy cryptocurrency ecosystem for everyone.
#PrivacyMatters #phishing
๐ STOP SCROLLING! WHY KYC CAN BE DANGEROUS!!! ๐
โ Read the full post, as this is an important one:
"KYC is the act of throwing 99 innocent people under the bus in order to make law enforcement's job catching 1 bad guy a little easier. The 99 shouldn't tolerate it."
The picture shows what I recently found on Twitter.
Why should you care and what should/shouldn't you do?
Leaked KYC data makes you vulnerable to attacks like sim-swaps, which allow attackers to bypass your 2FA security, but also comes with even bigger danger.
Leaked documents can lead to scammers opening online bank accounts in your name, taking loans & putting you into a horrible financial situation.
Deepfakes and simple Epson printers with ID card printing features make it possible to even fake real-time online verification processes.
Conclusion:
Be EXTREMELY cautious where you submit your KYC information. If small, not properly secured projects require KYC for crypto allocations and similar, remember that you're making yourself vulnerable the moment you submit your data.
You can never be sure that your data is encrypted and saved in a secure spot. You just can NEVER be sure.... so IF you submit KYC data, make sure that you don't do it left, right, center wherever you go, but only provide big, trustworthy and well established companies with these kind of details.
You will thank me later.
Follow @Professor Mende - Bonuz Ecosystem Founder for more!
#scamalert #kyc #phishing #scams #hacking
$PEPE $FLOKI $SHIB
โ Read the full post, as this is an important one:
"KYC is the act of throwing 99 innocent people under the bus in order to make law enforcement's job catching 1 bad guy a little easier. The 99 shouldn't tolerate it."
The picture shows what I recently found on Twitter.
Why should you care and what should/shouldn't you do?
Leaked KYC data makes you vulnerable to attacks like sim-swaps, which allow attackers to bypass your 2FA security, but also comes with even bigger danger.
Leaked documents can lead to scammers opening online bank accounts in your name, taking loans & putting you into a horrible financial situation.
Deepfakes and simple Epson printers with ID card printing features make it possible to even fake real-time online verification processes.
Conclusion:
Be EXTREMELY cautious where you submit your KYC information. If small, not properly secured projects require KYC for crypto allocations and similar, remember that you're making yourself vulnerable the moment you submit your data.
You can never be sure that your data is encrypted and saved in a secure spot. You just can NEVER be sure.... so IF you submit KYC data, make sure that you don't do it left, right, center wherever you go, but only provide big, trustworthy and well established companies with these kind of details.
You will thank me later.
Follow @Professor Mende - Bonuz Ecosystem Founder for more!
#scamalert #kyc #phishing #scams #hacking
$PEPE $FLOKI $SHIB
(@sell9000 )
PSA re: an expensive opsec lesson
At this time I have confirmed that it was a Google login that caused this compromise. An unknown Windows machine gained access about half a day before the attack. It also spoofed the device name, so the notification of the new activity alert (which occurred early morning while I was asleep) appeared similar to devices I normally use (it may have been a calculated gamble for a common device name unless I was specifically targeted).
Upon further investigation, this device is a VPS hosted by #KaopuCloud as a global edge cloud provider that is shared among hacker circles in Telegram, and has been used in the past for #phishing and other malicious activities by shared users.
I do have 2FA enabled, which the user managed to bypass. I have yet to determine exactly how this was achieved, but possibly attack vectors were OAuth phishing, cross site scripting, or man-in-the-middle attack on a compromised site, followed by possible additional #Malware . In fact, apparently #OAuth endpoint attack recently has been reported to hijack user cookie session (https://darkreading.com/cloud-security/attackers-abuse-google-oauth-endpoint-hijack-user-sessionsโฆ). Be extremely careful if you have to use Sign In From Google.
Takeaways:
1. Bitdefender sucks, it caught nothing while Malwarebytes caught a bunch of vulnerabilities after the fact.
2. Do not become complacent just because you were moving large figures for years without issues.
3. Never enter a seed, period, no matter what reasonable excuse you give yourself. Not worth the risk, just nuke the computer and start fresh.
4. I'm done with Chrome, stick with a better browser like Brave.
5. Preferably never mix devices, and have an isolated device for crypto activities.
6. Always check the Google Activity alert if you are continuing to use Google based devices or authentication.
7. Turn off extension sync'ing. Or just turn off sync'ing period for your isolated crypto machine.
8. 2FA is clearly not bulletproof, don't become complacent to it.
PSA re: an expensive opsec lesson
At this time I have confirmed that it was a Google login that caused this compromise. An unknown Windows machine gained access about half a day before the attack. It also spoofed the device name, so the notification of the new activity alert (which occurred early morning while I was asleep) appeared similar to devices I normally use (it may have been a calculated gamble for a common device name unless I was specifically targeted).
Upon further investigation, this device is a VPS hosted by #KaopuCloud as a global edge cloud provider that is shared among hacker circles in Telegram, and has been used in the past for #phishing and other malicious activities by shared users.
I do have 2FA enabled, which the user managed to bypass. I have yet to determine exactly how this was achieved, but possibly attack vectors were OAuth phishing, cross site scripting, or man-in-the-middle attack on a compromised site, followed by possible additional #Malware . In fact, apparently #OAuth endpoint attack recently has been reported to hijack user cookie session (https://darkreading.com/cloud-security/attackers-abuse-google-oauth-endpoint-hijack-user-sessionsโฆ). Be extremely careful if you have to use Sign In From Google.
Takeaways:
1. Bitdefender sucks, it caught nothing while Malwarebytes caught a bunch of vulnerabilities after the fact.
2. Do not become complacent just because you were moving large figures for years without issues.
3. Never enter a seed, period, no matter what reasonable excuse you give yourself. Not worth the risk, just nuke the computer and start fresh.
4. I'm done with Chrome, stick with a better browser like Brave.
5. Preferably never mix devices, and have an isolated device for crypto activities.
6. Always check the Google Activity alert if you are continuing to use Google based devices or authentication.
7. Turn off extension sync'ing. Or just turn off sync'ing period for your isolated crypto machine.
8. 2FA is clearly not bulletproof, don't become complacent to it.
Login to explore more contents