一條假裝來自Binance的網絡釣魚電子郵件，為人們提供了宣稱新創建的特朗普硬幣的機會，事實證明是一種網絡釣魚誘餌。

投入：一封假裝來自二元的網絡釣魚電子郵件，為人們提供了宣稱新創建的特朗普硬幣的機會，事實證明是網絡釣魚誘餌。

A phishing email pretending to be from Binance and offering people the chance to claim newly created TRUMP coins has turned out to be a phishing lure.

假裝來自Binance的網絡釣魚電子郵件，並為人們提供了宣稱新創建的特朗普硬幣的機會，這是一個網絡釣魚誘餌。

Cofense warns that if victims follow the email’s instructions and download what is called “Binance Desktop,” they actually install a remote access tool that gives malicious actors control of their computers within two minutes.

Cofense警告說，如果受害者遵循電子郵件的說明並下載所謂的“ Binance Desktop”，他們實際上安裝了遠程訪問工具，該工具在兩分鐘內使惡意演員控制其計算機。

To make the scam more convincing, the attackers used “Binance” as the sender’s name and included a fake “risk warning” to make the email seem trustworthy. They also fashioned a fake website that closely resembles the Binance site to host the malicious download.

為了使騙局更具說服力，攻擊者將“義務”用作發件人的名字，並包括一個假的“風險警告”，以使電子郵件顯得值得信賴。他們還塑造了一個偽造的網站，該網站與Binance網站非常相似，以主持惡意下載。

Although they didn’t copy Binance’s official pages exactly, they used images from Binance’s TRUMP coin and client download pages to create a realistic-looking site with installation instructions.

儘管他們沒有準確複製Binance的官方頁面，但他們使用了Binance的Trump Coin和客戶下載頁面中的圖像來創建一個帶有安裝說明的現實網站。

Instead of downloading a real Binance app, the link installs ConnectWise RAT, which connects back to the bad actor’s command center. Once installed, the malefactors quickly take control of infected devices – much faster than the average ConnectWise RAT attack.

該鏈接沒有下載真正的Binance應用程序，而是安裝ConnectWise Rat，該鏈接連接回BAD ACTOR的指揮中心。安裝後，惡性因子很快就可以控制受感染的設備 - 比平均連接大鼠攻擊快得多。

After gaining access, they focus on stealing saved passwords from apps like Microsoft Edge, compensating for the RAT’s limited data-stealing abilities.

獲得訪問後，他們專注於從Microsoft Edge等應用程序中竊取保存的密碼，從而彌補了老鼠有限的數據竊取能力。

After Cofense Intelligence discovered this phishing campaign, it was added to PhishMe Security Awareness Training. Now, organizations using PhishMe SAT can train employees to recognize scams like this TRUMP coin attack, even if they bypass other security measures.

在Cofense Intelligence發現了這項網絡釣魚運動之後，它被添加到Phishme安全意識培訓中。現在，使用Phishme SAT的組織可以訓練員工認識到像Trump Coin攻擊這樣的騙局，即使他們繞過了其他安全措施。

Fertile Ground for Social Engineering

社會工程沃土

Jason Soroko, Senior Fellow at Sectigo, says topical events serve as fertile ground for social engineering, offering attackers a ready-made script that exploits real-time urgency and widespread public attention.

Sectigo的高級研究員Jason Soroko說，主題活動是社會工程學的肥沃場所，為攻擊者提供了一個現成的劇本，可以利用實時的緊迫性和廣泛的公眾關注。

“By aligning phishing messages and malicious campaigns with trending news or current events, cybercriminals enhance credibility and evoke strong emotional reactions, prompting hasty actions from potential victims.”

“通過將網絡釣魚信息和惡意運動與熱門新聞或時事保持一致，網絡犯罪分子提高了信譽並引起了強烈的情感反應，從而促使潛在受害者急速行動。”

Control in Under Two Minutes

在不到兩分鐘的時間內控制

“This phishing campaign targeting cryptocurrency enthusiasts shows how quickly attackers can compromise systems – gaining control in under two minutes,” adds J Stephen Kowski, Field CTO at SlashNext.

“針對加密貨幣愛好者的網絡釣魚活動表明，攻擊者能夠損害系統的速度 - 在不到兩分鐘的時間內獲得控制權，” SlashNext的現場CTO J Stephen Kowski補充說。

“Sophisticated spoofing techniques, including legitimate-looking emails with risk warnings and convincingly crafted websites combining authentic imagery, highlight why real-time email security scanning with advanced AI detection capabilities is essential for identifying these threats before users interact with them.”

“複雜的欺騙技術，包括帶有風險警告的合法電子郵件和令人信服的網站結合真實圖像，強調了為什麼在用戶與他們互動之前，實時電子郵件安全掃描與先進的AI檢測功能是必不可少的。”

Kowski says entities should implement multi-layered protection that analyzes email content as well as linked destinations to block credential theft, while also educating users about only downloading financial applications directly from official sources.

科夫斯基說，實體應實施多層保護，以分析電子郵件內容以及鏈接的目的地以阻止憑據盜用，同時還向用戶教育直接從官方來源下載財務應用程序。

“Protecting against these rapidly evolving phishing tactics requires solutions that can detect and block malicious URLs and attachments at the point of click, preventing the initial infection that leads to credential theft and system compromise.”

“防止這些快速發展的網絡釣魚策略需要解決方案，這些解決方案可以在點擊點檢測和阻止惡意URL和附件，從而阻止了導致憑證盜竊和系統妥協的初始感染。”

The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.

這篇文章中表達的意見屬於個人貢獻者，不一定反映了信息安全嗡嗡聲的觀點。