|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
上個月,一名威脅行為者透過對 15 個受感染的 X 帳戶發起 memecoin 網路釣魚詐騙,竊取了約 50 萬美元
A threat actor has netted around $500,000 over the last month by launching memecoin phishing scams on 15 compromised X accounts, blockchain investigator ZachXBT reported.
根據區塊鏈調查員 ZachXBT 報道,上個月,一名威脅行為者透過對 15 個受感染的 X 帳戶發起 memecoin 網路釣魚詐騙,已獲利約 50 萬美元。
The perpetrator impersonated the X team and sent out fake copyright infringement notices to instill a sense of urgency and ultimately trick the social media platform’s users into visiting phishing sites, ZachXBT explained in a Dec. 24 X post.
ZachXBT 在 12 月 24 日的 X 貼文中解釋說,犯罪者冒充 X 團隊並發送虛假版權侵權通知,以灌輸緊迫感,並最終誘騙社交媒體平台的用戶訪問網路釣魚網站。
The victims would then go on to unknowingly use the fake site to reset their X account passwords and two-factor authentication (2FA) logins.
然後,受害者會在不知不覺中使用虛假網站重設其 X 帳戶密碼和雙重認證 (2FA) 登入。
With the information, the perpetrator took control of 15 accounts and posted memecoin scams from them — netting around $500,000.
犯罪者利用這些資訊控制了 15 個帳戶,並透過這些帳戶發布了 memecoin 詐騙訊息,獲利約 50 萬美元。
ZachXBT noted that the compromised X accounts were mostly crypto-focused and included Kick, Cursor, The Arena, Brett and Alex Blania.
ZachXBT 指出,被盜的 X 帳戶主要是加密貨幣,包括 Kick、Cursor、The Arena、Brett 和 Alex Blania。
All account takeovers were connected through six deployer addresses used for each memecoin scam. The attacker attempted to obfuscate the funding source by bridging the stolen funds between the Solana and Ethereum networks, ZachXBT said.
所有帳戶接管均透過用於每個模因幣騙局的六個部署者地址進行連接。 ZachXBT 表示,攻擊者試圖透過在 Solana 和以太坊網路之間橋接被盜資金來混淆資金來源。
The blockchain sleuth recommended X users limit email address reuse between services and implement 2FA on “important accounts wherever possible.”
區塊鏈偵探建議 X 用戶限制服務之間的電子郵件地址重複使用,並「盡可能對重要帳戶」實施 2FA。
The first known incident involved RuneMine’s X account on Nov. 26, with the latest being Kick on Dec. 24.
第一個已知事件涉及 RuneMine 的 X 帳戶,發生時間為 11 月 26 日,最近一次事件是 12 月 24 日發生的 Kick。
Many of these X accounts have attracted a large audience with well over 200,000 X followers who are largely memecoin enthusiasts looking to catch the next hot tip.
這些 X 帳戶中的許多都吸引了大批受眾,擁有超過 200,000 名 X 追蹤者,他們主要是尋找下一個熱門提示的 memecoin 愛好者。
Many of the memecoin phishing scams were captioned “Incoming Transmission,” followed by a token announcement and contract address.
許多 memecoin 網路釣魚詐騙的標題是“傳入傳輸”,後面是代幣公告和合約地址。
Some compromised X accounts, such as the crosschain scalability platform Neutron, have acknowledged the incident.
一些受損的 X 帳戶,例如跨鏈可擴展性平台 Neutron,已經承認了這一事件。
Crypto scammers could be looking to make up for lost ground this holiday season after phishing losses fell 53% month-on-month in November to $9.3 million.
繼 11 月網路釣魚損失季減 53% 至 930 萬美元後,加密貨幣詐騙者可能希望在這個假期彌補損失。
Around $2.2 billion has been stolen by crypto thieves in 2024 from 303 major incidents, blockchain forensics firm Chainalysis reported earlier this month.
區塊鏈取證公司 Chainaanalysis 本月稍早報告稱,2024 年,加密貨幣竊賊在 303 起重大事件中竊取了約 22 億美元。
The firm said it marked a 21% year-on-year increase, with centralized services among the hardest hit.
該公司表示,年增 21%,其中集中式服務受到的打擊最為嚴重。
免責聲明:info@kdj.com
The information provided is not trading advice. kdj.com does not assume any responsibility for any investments made based on the information provided in this article. Cryptocurrencies are highly volatile and it is highly recommended that you invest with caution after thorough research!
If you believe that the content used on this website infringes your copyright, please contact us immediately (info@kdj.com) and we will delete it promptly.