BlockFi 和 FTX 债权人成为复杂网络钓鱼骗局的目标

最近的电子邮件网络钓鱼计划已成功从破产的加密货币公司 BlockFi 和 FTX 的债权人那里窃取了数百万美元。安全专家 Plumferno 的调查揭露了这一涉及加密货币和 NFT 的骗局。该行动利用了 Mailer Lite 数据泄露中的受损电子邮件列表，针对钱包处于休眠状态的个人。区块链数据分析发现，诈骗者的钱包中有近 450 万美元的以太币涌入，凸显了该计划的规模相当大。该事件突显了加密货币网络钓鱼的更广泛问题，尽管人们已经做出了提高认识的努力，但仍构成了重大威胁。

Did BlockFi and FTX Creditors Fall Prey to a Sophisticated Phishing Scam?

BlockFi 和 FTX 债权人是否陷入了复杂的网络钓鱼骗局？

An intricate email phishing scheme has allegedly pilfered millions from creditors of defunct crypto companies BlockFi and FTX. The scam, which exploited cryptocurrencies and NFTs, was unveiled by security expert Plumferno through an investigation on social media platform X.

据称，一个复杂的电子邮件网络钓鱼计划从已倒闭的加密货币公司 BlockFi 和 FTX 的债权人那里窃取了数百万美元。安全专家 Plumferno 通过对社交媒体平台 X 的调查揭露了这一利用加密货币和 NFT 的骗局。

Plumferno's sleuthing, aided by a network of contacts, traced the origin of the stolen assets to phishing emails. These emails, cunningly disguised as legitimate communications from BlockFi and FTX, duped recipients into handing over access to their crypto wallets.

普卢姆费诺的调查在联系网络的帮助下，追踪到被盗资产的来源是网络钓鱼电子邮件。这些电子邮件巧妙地伪装成来自 BlockFi 和 FTX 的合法通信，欺骗收件人交出对其加密钱包的访问权限。

Exploiting a Compromised Email List

利用受损的电子邮件列表

The operation's success can be attributed in part to the exploitation of a compromised email list stemming from Mailer Lite's data breach in January. This breach had previously facilitated a separate phishing scam. The recent scheme highlights the vulnerabilities within the crypto community, targeting individuals with dormant wallets, many of whom had not interacted with their assets since BlockFi's bankruptcy, making them easy prey.

该行动的成功部分归因于对一月份 Mailer Lite 数据泄露事件中受损电子邮件列表的利用。此漏洞此前曾促成过一次单独的网络钓鱼诈骗。最近的计划凸显了加密货币社区内的漏洞，目标是拥有休眠钱包的个人，其中许多人自 BlockFi 破产以来就没有与其资产进行过互动，这使他们很容易成为猎物。

Plumferno's analysis suggests that some victims may remain oblivious to the theft.

普卢姆弗诺的分析表明，一些受害者可能仍然没有意识到这起盗窃事件。

Blockchain Data Reveals a Substantial Haul

区块链数据揭示了巨大的收获

Blockchain data analysis has uncovered a surge of nearly $4.5 million in Ether flowing into the scammer's wallet since March 17, attesting to the scheme's significant scale. The operation's reach extended beyond liquid currencies, encompassing high-value NFTs such as Mutant Apes and Otherdeeds, whose sales further boosted the ill-gotten gains.

区块链数据分析发现，自 3 月 17 日以来，流入诈骗者钱包的以太币激增近 450 万美元，证明了该计划的规模之大。该行动的触角超出了流动货币的范围，还包括 Mutant Apes 和 Otherdeeds 等高价值 NFT，这些产品的销售进一步增加了非法收益。

This incident underscores the pervasive issue of crypto phishing, which continues to pose a significant threat despite awareness efforts. Last year alone, the crypto industry lost $300 million to such scams.

这一事件突显了加密货币网络钓鱼的普遍问题，尽管人们在提高认识方面做出了努力，但该问题仍继续构成重大威胁。仅去年一年，加密行业就因此类诈骗损失了 3 亿美元。

Multi-Layered Attack Strategy

多层攻击策略

The attackers' tactic of leveraging email lists from a prior breach demonstrates a multi-layered approach to victimizing individuals already impacted by the crypto market's volatility. The targeting of dormant wallets, particularly those belonging to BlockFi and FTX creditors, showcases a deliberate strategy to maximize profits.

攻击者利用先前泄露的电子邮件列表的策略表明，他们采用了一种多层次的方法来伤害已经受到加密货币市场波动影响的个人。针对休眠钱包的攻击，特别是那些属于 BlockFi 和 FTX 债权人的钱包，展示了一种旨在实现利润最大化的深思熟虑的策略。

This approach serves as a stark reminder to the community about the ongoing risks associated with storing digital assets and ensuring communication security.

这种方法向社区发出了鲜明的提醒，提醒人们与存储数字资产和确保通信安全相关的持续风险。

Growing Crypto Scams: A Challenge to Industry Resilience

加密诈骗日益增多：对行业弹性的挑战

While crypto phishing attacks are not novel, their increasing sophistication and success rates are a cause for concern. Plumferno's investigation illuminates the evolving tactics employed by cybercriminals, serving as a vital warning for individuals and firms in the cryptocurrency sector.

虽然加密网络钓鱼攻击并不新鲜，但其日益复杂的程度和成功率令人担忧。 Plumferno 的调查揭示了网络犯罪分子不断演变的策略，为加密货币领域的个人和公司敲响了重要的警钟。

Maintaining vigilance and skepticism towards unsolicited emails and communications is paramount. The theft from dormant wallets, in particular, highlights a bitter irony, as many victims had already endured financial setbacks due to the crypto industry's turmoil.

对未经请求的电子邮件和通信保持警惕和怀疑至关重要。尤其是休眠钱包被盗事件凸显了一个苦涩的讽刺，因为许多受害者已经因加密行业的动荡而遭受了财务挫折。

Community Response: Resilience and Adaptation

社区反应：恢复力和适应

The community's response to such incidents will reveal its resilience and adaptability. Education and enhanced security measures remain fundamental defenses against phishing operations. As the scam continues to amass funds, the crypto industry faces a critical juncture.

社区对此类事件的反应将显示其弹性和适应性。教育和加强安全措施仍然是抵御网络钓鱼活动的基本防御措施。随着骗局不断积累资金，加密行业面临着关键时刻。

Addressing these vulnerabilities is essential to safeguarding members and rebuilding trust in the digital asset ecosystem. This incident underscores the necessity for continuous vigilance and the adoption of cybersecurity best practices within the cryptocurrency realm.

解决这些漏洞对于保护成员和重建对数字资产生态系统的信任至关重要。这一事件强调了在加密货币领域持续保持警惕并采用网络安全最佳实践的必要性。