Malware spreads false wallet mnemonics by hacking into email lists

2025-04-07 22:06:55

ChainCatcher news: according to Decrypt, cybersecurity experts recently discovered a dual malware attack targeting users both inside and outside the cryptocurrency industry.

Cyber intelligence company Silent Push revealed in its latest report a malicious campaign named PoisonSeed, which first forges the login pages of bulk email service providers such as Mailchimp and SendGrid to steal user credentials. The attackers send fake emails claiming that the user's account is restricted, luring them to log in on a counterfeit website. Once the credentials are entered, the attackers quickly and automatically export the email subscription list.

Subsequently, the attackers use the stolen subscription list to impersonate Coinbase and send phishing emails to the victims' contacts, claiming that the exchange "is transitioning to self-custody wallets." The emails include a 12-word recovery phrase and trick users into importing that wallet, which effectively allows the hackers to take control of the assets.
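
A mail-filter heuristic for the lure described above, as an added example that is not from Silent Push or the original article: it flags a message whose body contains a run of at least 12 mnemonic-shaped words together with wallet-import wording. The function names, the term list and the sample messages are constructed for illustration, and the word-shape rule assumes a BIP-39-style phrase.

```python
import re

# Assumption: the lure carries a BIP-39-style mnemonic, whose English words
# are 3-8 lowercase letters. Pass the real wordlist as a set to cut noise.
WORD = re.compile(r"^[a-z]{3,8}$")
MIN_RUN = 12  # shortest standard mnemonic length
LURE_TERMS = ("recovery phrase", "seed phrase", "self-custody", "import", "wallet")

def candidate_phrases(body, wordlist=None):
    """Return runs of >= MIN_RUN mnemonic-shaped words found in an email body."""
    # Drop list numbering ("1.", "12)") so numbered phrases tokenize cleanly.
    text = re.sub(r"\b\d{1,2}[.)]", " ", body)
    tokens = [t for t in re.split(r"[\s,;]+", text) if t]
    runs, current = [], []
    for tok in tokens + [""]:  # empty sentinel flushes the final run
        if WORD.match(tok) and (wordlist is None or tok in wordlist):
            current.append(tok)
            continue
        if len(current) >= MIN_RUN:
            runs.append(current)
        current = []
    return runs

def score_message(subject, body, wordlist=None):
    """Flag mail that pairs a mnemonic-shaped run with wallet-import wording."""
    phrases = candidate_phrases(body, wordlist)
    lowered = f"{subject} {body}".lower()
    hits = [t for t in LURE_TERMS if t in lowered]
    return {"phrases": phrases, "lure_terms": hits,
            "suspicious": bool(phrases) and bool(hits)}

# Constructed sample messages (not taken from the report).
LURE_SUBJECT = "Coinbase is transitioning to self-custody wallets"
LURE_BODY = (
    "Import the wallet below to keep access.\nYour recovery phrase:\n"
    "1. maple 2. river 3. stone 4. cloud 5. ember 6. frost\n"
    "7. grain 8. harbor 9. island 10. jungle 11. kettle 12. lantern\nThank you."
)
BENIGN_BODY = "Our quarterly report is attached. See you at the wallet security meetup."

if __name__ == "__main__":
    print(score_message(LURE_SUBJECT, LURE_BODY))
    print(score_message("Newsletter", BENIGN_BODY))
```

The match is case-sensitive and shape-based, so it is a triage signal for quarantine or review rather than a verdict; supplying the BIP-39 English wordlist as `wordlist` tightens it considerably.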
