|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
上个月,一名威胁行为者通过对 15 个受感染的 X 账户发起 memecoin 网络钓鱼诈骗,窃取了约 50 万美元
A threat actor has netted around $500,000 over the last month by launching memecoin phishing scams on 15 compromised X accounts, blockchain investigator ZachXBT reported.
据区块链调查员 ZachXBT 报道,上个月,一名威胁行为者通过对 15 个受感染的 X 账户发起 memecoin 网络钓鱼诈骗,已获利约 50 万美元。
The perpetrator impersonated the X team and sent out fake copyright infringement notices to instill a sense of urgency and ultimately trick the social media platform’s users into visiting phishing sites, ZachXBT explained in a Dec. 24 X post.
ZachXBT 在 12 月 24 日的 X 帖子中解释说,犯罪者冒充 X 团队并发送虚假版权侵权通知,以灌输紧迫感,并最终诱骗社交媒体平台的用户访问网络钓鱼网站。
The victims would then go on to unknowingly use the fake site to reset their X account passwords and two-factor authentication (2FA) logins.
然后,受害者会在不知不觉中使用虚假网站重置其 X 帐户密码和双因素身份验证 (2FA) 登录信息。
With the information, the perpetrator took control of 15 accounts and posted memecoin scams from them — netting around $500,000.
犯罪者利用这些信息控制了 15 个账户,并通过这些账户发布了 memecoin 诈骗信息,获利约 50 万美元。
ZachXBT noted that the compromised X accounts were mostly crypto-focused and included Kick, Cursor, The Arena, Brett and Alex Blania.
ZachXBT 指出,被盗的 X 账户主要是加密货币,包括 Kick、Cursor、The Arena、Brett 和 Alex Blania。
All account takeovers were connected through six deployer addresses used for each memecoin scam. The attacker attempted to obfuscate the funding source by bridging the stolen funds between the Solana and Ethereum networks, ZachXBT said.
所有帐户接管均通过用于每个模因币骗局的六个部署者地址进行连接。 ZachXBT 表示,攻击者试图通过在 Solana 和以太坊网络之间桥接被盗资金来混淆资金来源。
The blockchain sleuth recommended X users limit email address reuse between services and implement 2FA on “important accounts wherever possible.”
区块链侦探建议 X 用户限制服务之间的电子邮件地址重复使用,并“尽可能对重要帐户”实施 2FA。
The first known incident involved RuneMine’s X account on Nov. 26, with the latest being Kick on Dec. 24.
第一个已知事件涉及 RuneMine 的 X 帐户,发生时间为 11 月 26 日,最近一次事件是 12 月 24 日发生的 Kick。
Many of these X accounts have attracted a large audience with well over 200,000 X followers who are largely memecoin enthusiasts looking to catch the next hot tip.
其中许多 X 账户吸引了大批受众,拥有超过 200,000 名 X 关注者,他们主要是寻找下一个热门提示的 memecoin 爱好者。
Many of the memecoin phishing scams were captioned “Incoming Transmission,” followed by a token announcement and contract address.
许多 memecoin 网络钓鱼诈骗的标题是“传入传输”,后面是代币公告和合约地址。
Some compromised X accounts, such as the crosschain scalability platform Neutron, have acknowledged the incident.
一些受损的 X 账户,例如跨链可扩展性平台 Neutron,已经承认了这一事件。
Crypto scammers could be looking to make up for lost ground this holiday season after phishing losses fell 53% month-on-month in November to $9.3 million.
继 11 月份网络钓鱼损失环比下降 53% 至 930 万美元后,加密货币诈骗者可能希望在这个假期弥补损失。
Around $2.2 billion has been stolen by crypto thieves in 2024 from 303 major incidents, blockchain forensics firm Chainalysis reported earlier this month.
区块链取证公司 Chainaanalysis 本月早些时候报告称,2024 年,加密货币窃贼在 303 起重大事件中窃取了约 22 亿美元。
The firm said it marked a 21% year-on-year increase, with centralized services among the hardest hit.
该公司表示,同比增长 21%,其中集中式服务受到的打击最为严重。
免责声明:info@kdj.com
The information provided is not trading advice. kdj.com does not assume any responsibility for any investments made based on the information provided in this article. Cryptocurrencies are highly volatile and it is highly recommended that you invest with caution after thorough research!
If you believe that the content used on this website infringes your copyright, please contact us immediately (info@kdj.com) and we will delete it promptly.