BlockFi 和 FTX 債權人成為複雜網路釣魚騙局的目標

最近的電子郵件網路釣魚計畫已成功從破產的加密貨幣公司 BlockFi 和 FTX 的債權人那裡竊取了數百萬美元。安全專家 Plumferno 的調查揭露了這項涉及加密貨幣和 NFT 的騙局。該行動利用了 Mailer Lite 資料外洩中的受損電子郵件列表，針對錢包處於休眠狀態的個人。區塊鏈數據分析發現，詐騙者的錢包中有近 450 萬美元的以太幣湧入，凸顯了該計畫的規模相當大。這起事件突顯了加密貨幣網路釣魚的更廣泛問題，儘管人們已經做出了提高意識的努力，但仍構成了重大威脅。

Did BlockFi and FTX Creditors Fall Prey to a Sophisticated Phishing Scam?

BlockFi 和 FTX 債權人是否陷入了複雜的網路釣魚騙局？

An intricate email phishing scheme has allegedly pilfered millions from creditors of defunct crypto companies BlockFi and FTX. The scam, which exploited cryptocurrencies and NFTs, was unveiled by security expert Plumferno through an investigation on social media platform X.

據稱，一個複雜的電子郵件網路釣魚計劃從已倒閉的加密貨幣公司 BlockFi 和 FTX 的債權人那裡竊取了數百萬美元。安全專家 Plumferno 透過對社群媒體平台 X 的調查揭露了這項利用加密貨幣和 NFT 的騙局。

Plumferno's sleuthing, aided by a network of contacts, traced the origin of the stolen assets to phishing emails. These emails, cunningly disguised as legitimate communications from BlockFi and FTX, duped recipients into handing over access to their crypto wallets.

普盧姆費諾的調查在聯絡網路的幫助下，追蹤被盜資產的來源是網路釣魚電子郵件。這些電子郵件巧妙地偽裝成來自 BlockFi 和 FTX 的合法通信，欺騙收件人交出對其加密錢包的存取權限。

Exploiting a Compromised Email List

利用受損的電子郵件列表

The operation's success can be attributed in part to the exploitation of a compromised email list stemming from Mailer Lite's data breach in January. This breach had previously facilitated a separate phishing scam. The recent scheme highlights the vulnerabilities within the crypto community, targeting individuals with dormant wallets, many of whom had not interacted with their assets since BlockFi's bankruptcy, making them easy prey.

該行動的成功部分歸因於對一月份 Mailer Lite 資料外洩事件中受損電子郵件清單的利用。此漏洞先前曾促成一次單獨的網路釣魚詐騙。最近的計劃凸顯了加密貨幣社區內的漏洞，目標是擁有休眠錢包的個人，其中許多人自 BlockFi 破產以來就沒有與其資產進行過互動，這使他們很容易成為獵物。

Plumferno's analysis suggests that some victims may remain oblivious to the theft.

普盧姆弗諾的分析表明，一些受害者可能仍然沒有意識到這起盜竊事件。

Blockchain Data Reveals a Substantial Haul

區塊鏈數據揭示了巨大的收穫

Blockchain data analysis has uncovered a surge of nearly $4.5 million in Ether flowing into the scammer's wallet since March 17, attesting to the scheme's significant scale. The operation's reach extended beyond liquid currencies, encompassing high-value NFTs such as Mutant Apes and Otherdeeds, whose sales further boosted the ill-gotten gains.

區塊鏈數據分析發現，自 3 月 17 日以來，流入詐騙者錢包的以太幣激增近 450 萬美元，證明了該計畫的規模。該行動的觸角超出了流動貨幣的範圍，還包括 Mutant Apes 和 Otherdeeds 等高價值 NFT，這些產品的銷售進一步增加了非法收益。

This incident underscores the pervasive issue of crypto phishing, which continues to pose a significant threat despite awareness efforts. Last year alone, the crypto industry lost $300 million to such scams.

這起事件突顯了加密貨幣網路釣魚的普遍問題，儘管人們在提高意識方面做出了努力，但該問題仍繼續構成重大威脅。光是去年，加密產業就因此類詐騙損失了 3 億美元。

Multi-Layered Attack Strategy

多層攻擊策略

The attackers' tactic of leveraging email lists from a prior breach demonstrates a multi-layered approach to victimizing individuals already impacted by the crypto market's volatility. The targeting of dormant wallets, particularly those belonging to BlockFi and FTX creditors, showcases a deliberate strategy to maximize profits.

攻擊者利用先前洩露的電子郵件清單的策略表明，他們採用了一種多層次的方法來傷害已經受到加密貨幣市場波動影響的個人。針對休眠錢包的攻擊，特別是那些屬於 BlockFi 和 FTX 債權人的錢包，展示了一種旨在實現利潤最大化的深思熟慮的策略。

This approach serves as a stark reminder to the community about the ongoing risks associated with storing digital assets and ensuring communication security.

這種方法向社群發出了鮮明的提醒，提醒人們與儲存數位資產和確保通訊安全相關的持續風險。

Growing Crypto Scams: A Challenge to Industry Resilience

加密詐騙日益增加：對產業彈性的挑戰

While crypto phishing attacks are not novel, their increasing sophistication and success rates are a cause for concern. Plumferno's investigation illuminates the evolving tactics employed by cybercriminals, serving as a vital warning for individuals and firms in the cryptocurrency sector.

雖然加密網路釣魚攻擊並不新鮮，但其日益複雜的程度和成功率令人擔憂。 Plumferno 的調查揭示了網路犯罪分子不斷演變的策略，為加密貨幣領域的個人和公司敲響了重要的警鐘。

Maintaining vigilance and skepticism towards unsolicited emails and communications is paramount. The theft from dormant wallets, in particular, highlights a bitter irony, as many victims had already endured financial setbacks due to the crypto industry's turmoil.

對未經請求的電子郵件和通訊保持警惕和懷疑至關重要。尤其是休眠錢包被盜事件凸顯了一個苦澀的諷刺，因為許多受害者已經因加密行業的動盪而遭受了財務挫折。

Community Response: Resilience and Adaptation

社區反應：復原力與適應

The community's response to such incidents will reveal its resilience and adaptability. Education and enhanced security measures remain fundamental defenses against phishing operations. As the scam continues to amass funds, the crypto industry faces a critical juncture.

社區對此類事件的反應將顯示其彈性和適應性。教育和加強安全措施仍然是抵禦網路釣魚活動的基本防禦措施。隨著騙局不斷累積資金，加密產業面臨關鍵時刻。

Addressing these vulnerabilities is essential to safeguarding members and rebuilding trust in the digital asset ecosystem. This incident underscores the necessity for continuous vigilance and the adoption of cybersecurity best practices within the cryptocurrency realm.

解決這些漏洞對於保護成員和重建對數位資產生態系統的信任至關重要。這一事件強調了在加密貨幣領域持續保持警惕並採用網路安全最佳實踐的必要性。