An email pretending to be from Binance and offering people the chance to claim newly created TRUMP coins has turned out to be a phishing lure.
Cofense warns that if victims follow the email’s instructions and download what is called “Binance Desktop,” they actually install a remote access tool that gives malicious actors control of their computers within two minutes.
To make the scam more convincing, the attackers used “Binance” as the sender’s name and included a fake “risk warning” to make the email seem trustworthy. They also fashioned a fake website that closely resembles the Binance site to host the malicious download.
Although they didn’t copy Binance’s official pages exactly, they used images from Binance’s TRUMP coin and client download pages to create a realistic-looking site with installation instructions.
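The two signals described above (a "Binance" display name on a non-Binance sender, and a download link hosted off Binance's domains) can be checked mechanically. The following is an added example, not code from Cofense or the original article; the brand-to-domain map, the function names and the sample message are assumptions constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: the defender maintains this brand -> legitimate domains map.
BRAND_DOMAINS = {"binance": {"binance.com"}}

# Constructed sample message (not taken from the campaign).
SAMPLE = """\
From: Binance <promo@mail.example.net>
To: user@example.org
Subject: Claim your TRUMP coins
MIME-Version: 1.0
Content-Type: text/html; charset=utf-8

<p>Risk warning: digital asset prices are volatile.</p>
<a href="https://binance-desktop.example.net/setup">Download Binance Desktop</a>
"""

class LinkCollector(HTMLParser):
    """Collects the hostnames of every <a href> in an HTML body."""
    def __init__(self):
        super().__init__()
        self.hosts = []
    def handle_starttag(self, tag, attrs):
        href = dict(attrs).get("href")
        if tag == "a" and href:
            self.hosts.append((urlsplit(href).hostname or "").lower())

def in_domains(host, domains):
    # Exact match or true subdomain; "notbinance.com" must not match.
    return any(host == d or host.endswith("." + d) for d in domains)

def brand_spoof_findings(raw):
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    sender_domain = addr.rpartition("@")[2].lower()
    parser = LinkCollector()
    parser.feed(msg.get_payload())  # single-part HTML body assumed
    findings = []
    for brand, domains in BRAND_DOMAINS.items():
        if brand not in name.lower():
            continue
        if not in_domains(sender_domain, domains):
            findings.append(f"display name claims {brand} but sender is {sender_domain}")
        for host in parser.hosts:
            if host and not in_domains(host, domains):
                findings.append(f"link host {host} is outside {brand} domains")
    return findings
```

A hit is a triage signal rather than a verdict, and a message that passes this check still needs SPF, DKIM and DMARC evaluation, since the From address itself can be forged.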
Instead of downloading a real Binance app, the link installs ConnectWise RAT, which connects back to the bad actor’s command center. Once installed, the malefactors quickly take control of infected devices – much faster than the average ConnectWise RAT attack.
After gaining access, they focus on stealing saved passwords from apps like Microsoft Edge, compensating for the RAT’s limited data-stealing abilities.
After Cofense Intelligence discovered this phishing campaign, it was added to PhishMe Security Awareness Training. Now, organizations using PhishMe SAT can train employees to recognize scams like this TRUMP coin attack, even if they bypass other security measures.
Fertile Ground for Social Engineering
Jason Soroko, Senior Fellow at Sectigo, says topical events serve as fertile ground for social engineering, offering attackers a ready-made script that exploits real-time urgency and widespread public attention.
“By aligning phishing messages and malicious campaigns with trending news or current events, cybercriminals enhance credibility and evoke strong emotional reactions, prompting hasty actions from potential victims.”
Control in Under Two Minutes
“This phishing campaign targeting cryptocurrency enthusiasts shows how quickly attackers can compromise systems – gaining control in under two minutes,” adds J Stephen Kowski, Field CTO at SlashNext.
“Sophisticated spoofing techniques, including legitimate-looking emails with risk warnings and convincingly crafted websites combining authentic imagery, highlight why real-time email security scanning with advanced AI detection capabilities is essential for identifying these threats before users interact with them.”
Kowski says entities should implement multi-layered protection that analyzes email content as well as linked destinations to block credential theft, while also educating users about only downloading financial applications directly from official sources.
“Protecting against these rapidly evolving phishing tactics requires solutions that can detect and block malicious URLs and attachments at the point of click, preventing the initial infection that leads to credential theft and system compromise.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.