Tag:

Phishing

Crypto Investor Loses $1.54 Million in Devastating Phishing Scam
Crypto Trends

Crypto Investor Loses $1.54 Million in Devastating Phishing Scam

by admin


According to anti-fraud service Scam Sniffer, a cryptocurrency investor recently lost a total of $1.54 million after signing EIP-7702 phishing batch transactions.

Wrapped ETH (wstETH), wrapped BTC (cbBTC), as well as multiple types of other tokens, were stolen during the attack. 

Batch transactions, which make it possible to perform multiple operations within a single atomic transaction, were introduced with EIP-7702, which was part of the recent Pectra upgrade. 

Even though batch transactions provide a greater level of convenience for legitimate users, they also come with risks. Bad actors can exploit the new feature to trick their victims into singing away their assets. 

Such scams typically involve a bogus decentralized finance (DeFi) interface that closely resembles actual applications such as popular decentralized exchange Uniswap. 

You Might Also Like

By approving multiple hidden transfers, a user allows a potential attacker to drain their funds in just mere seconds.  

Such malicious transactions tend to appear normal on the surface, and some users are not aware of potential risks due to the novelty of EIP-7702. 

$1 million worth of NFTs lost 

Earlier this week, Scam Sniffer also revealed that someone had lost a total of $1 million of non-fungible tokens (NFTS) as well as other tokens as after signing phishing batch transactions that were actually disguised as Uniswap swaps. 

An extremely similar incident also took place earlier this month.  

“We’ve spotted multiple victims with this pattern targeting EIP-7702 upgraded addresses,” Scam Sniffer said earlier this month, urging holders to remain vigilant. 



Source link

0 comments
0 FacebookTwitterPinterestEmail
Decrypt logo
NFT Gaming

Cointelegraph Website Hacked in Fake Airdrop Phishing Attack

by admin



In brief

  • Cointelegraph has confirmed a front-end hack used to serve phishing pop-ups to people accessing the site.
  • CoinMarketCap suffered a similar exploit days earlier.
  • Victims are being tricked into connecting their wallets to receive fake token airdrops.

Crypto news outlet Cointelegraph has confirmed that its website was compromised in a front-end exploit used to promote a fraudulent token airdrop and steal from users.

It said in a statement on X on Sunday night that it was aware of the “fraudulent pop-up” and was “actively working on a fix”.

“Do not click on these pop-ups, connect your wallets [or] enter any personal information,” it warned. 

Decrypt has approached Cointelegraph for comment. 

The pop-up falsely claims users have been selected for a giveaway of a new token, purportedly part of a “fair launch initiative” by Cointelegraph to reward loyal readers.

It displayed a fabricated token price and promised users just under $5,500 worth of tokens if they connected their crypto wallets. It also claimed security firm CertiK had audited the smart contract.

The method used mirrors a similar front-end attack on the price aggregator CoinMarketCap, which occurred just two days prior. 



In that case, visitors to the site saw pop-ups requesting wallet connections for verification purposes. CoinMarketCap later confirmed malicious code had been injected into the site, and it was removed.

Both incidents represent a growing wave of phishing attacks targeting crypto platforms via compromised user interfaces. 

In these scams, victims are lured into connecting wallets under false pretenses—such as receiving tokens or confirming identity—and then see their accounts drained by the attacker.

According to blockchain intelligence firm TRM Labs, phishing schemes and malware-based infrastructure attacks made up 70% of the $2.2 billion stolen in crypto-related hacks in 2024.

The Cointelegraph attack comes just days after security researchers disclosed a massive data dump containing over 16 billion stolen login credentials, including access to accounts on platforms like Google, Telegram, Facebook, and GitHub.

The trove was likely assembled from infostealer malware, credential stuffing, and prior leaks.

Edited by Sebastian Sinclair

Daily Debrief Newsletter

Start every day with the top news stories right now, plus original features, a podcast, videos and more.



Source link

0 comments
0 FacebookTwitterPinterestEmail
Pi Network Cautions Pioneers On Fake Wallet Phishing Scams
GameFi Guides

Pi Network Cautions Pioneers on Fake Wallet Phishing Scams

by admin



As the Pi Network moves deeper into its Open Mainnet phase, the Core Team has issued a fresh advisory to its global user base, urging caution against phishing scams that mimic the official Pi Wallet interface. These scams are designed to steal secret passphrases from unsuspecting users.

The official Pi Wallet is only accessible at wallet.pinet.com through the Pi Browser. It carries a distinct visual identity with a purple navigation bar and a Pi logo that includes the Core Team apps icon. 

Remember to only use the Pi Wallet in the Pi Browser at exactly “https://t.co/OEifsSaA3K” in order to safeguard your Pi. Learn more: https://t.co/WFHv43Kny7

The authentic Pi Wallet is visually identified by a purple color in the navigation bar of the Pi Browser with a Pi logo…

— Pi Network (@PiCoreTeam) June 5, 2025

According to the advisory, several fake websites have emerged with interfaces almost identical to the original but hosted on misleading URLs. Users who enter their passphrases into these counterfeit sites risk losing their Pi holdings permanently.

The Pi Browser operates similarly to Chrome or Safari. This means users themselves must verify whether the sites they are visiting are legitimate. The Core Team stressed that it cannot control how the browser is used and urged users to remain vigilant.

No member of the Pi Core Team will ever ask for wallet passphrases, passwords, or verification codes. The team also clarified that it does not reach out to users through phone calls or unsolicited messages. Any such interaction should be treated as a scam attempt.

Scammers are stepping up efforts to target Pi Network users by sending fake emails, running misleading ads, cloning websites, and pretending to be official accounts on social media. Their goal is to trick users into giving away their wallet passphrases. Many of these fake pages closely resemble the real Pi Wallet, but use slightly altered web addresses or hide malicious links behind ads.

To avoid falling victim, users are being told to trust only emails from official Pi domains like noreply@pi.email, especially when it comes to two-factor authentication or anything involving wallet migration. Any message that doesn’t come from Pi’s verified sources should raise concern.

According to the Core Team, while scammers can copy the look of the wallet, they can’t fake the actual app URL or the layout seen inside the Pi Browser. These are key signs users should look for before entering any sensitive information.

Because blockchain transactions can’t be undone, entering your passphrase on a fake site could lead to losing everything in your wallet. And with more users now moving to the Open Network, the chances of getting targeted by these scams are only going up.

For updated security guidelines and a list of verified Pi apps and products, users are advised to check the Pi Safety Center. This remains the most reliable resource for identifying fake platforms and reporting suspicious activity.

Also Read: Pi Network Binance Listing Talks Spark Outrage, Pioneers Say ‘No’





Source link

0 comments
0 FacebookTwitterPinterestEmail
Decrypt logo
GameFi Guides

BitMEX Blocks Lazarus Phishing Attempt, Calls Tactics ‘Unsophisticated’

by admin



BitMEX said it has thwarted an attempted phishing attack by the Lazarus Group, describing the attempt as using “unsophisticated” phishing methods by the notorious North Korea-linked group.

In a blog post published on May 30, the crypto exchange detailed how an employee was approached via LinkedIn under the guise of a Web3 NFT collaboration. 

The attacker tried to lure the target into running a GitHub project containing malicious code on their computer, a tactic the firm says has become a hallmark of Lazarus’ operations.

“The interaction is pretty much known if you are familiar with Lazarus’ tactics,” BitMEX wrote, adding that the security team quickly identified the obfuscated JavaScript payload and traced it to infrastructure previously linked to the group.

A likely failure in operational security also revealed that one of the IP addresses linked to North Korean operations was located in the city of Jiaxing, China, approximately 100 km from Shanghai.

“A common pattern in their major operations is the use of relatively unsophisticated methods, often starting with phishing, to gain a foothold in their target’s systems,” BitMEX wrote.

Examining other attacks, it was noted that North Korea’s hacking efforts were likely divided into multiple subgroups with varying levels of technical sophistication. 

“This can be observed through the many documented examples of bad practices coming from these ‘frontline’ groups that execute social engineering attacks when compared to the more sophisticated post-exploitation techniques applied in some of these known hacks,” it said.

The Lazarus Group is an umbrella term used by cybersecurity firms and Western intelligence agencies to describe several hacker teams operating under the direction of the North Korean regime.

In 2024, Chainalysis attributed $1.34 billion in stolen crypto to North Korean actors, accounting for 61% of all thefts that year across 47 incidents, a record high and a 102% increase over 2023’s total of $660 million stolen.

Still a threat

But as founder and CEO of Nominis, Snir Levi warns, growing knowledge of the Lazarus Group’s tactics doesn’t necessarily make them any less of a threat. 

“The Lazarus Group uses multiple techniques to steal cryptocurrencies,” he told Decrypt. “Based on the complaints we collect from individuals, we can assume that they are trying to defraud people on a daily basis.”

The size of some of their hauls has been shocking. 

In February, hackers drained over $1.4 billion from Bybit, made possible by the group tricking an employee at Safe Wallet into running malicious code on their computer. 

“Even the Bybit hack started with social engineering,” Levi said. 

Other campaigns include Radiant Capital, where a contractor was compromised via a malicious PDF file that installed a backdoor.

The attack methods range from basic phishing and fake job offers to advanced post-access tactics like smart contract tampering and cloud infrastructure manipulation.

The BitMEX disclosure adds to a growing body of evidence documenting Lazarus Group’s multi-layered strategies. It follows another report in May from Kraken, in which the company described an attempt by a North Korean to get hired.

U.S. and international officials have said North Korea uses crypto theft to fund its weapons programs, with some reports estimating it may supply up to half of the regime’s missile development budget.

Edited by Sebastian Sinclair

Daily Debrief Newsletter

Start every day with the top news stories right now, plus original features, a podcast, videos and more.



Source link

0 comments
0 FacebookTwitterPinterestEmail
A Hacker May Have Deepfaked Trump’s Chief of Staff in a Phishing Campaign
Gaming Gear

A Hacker May Have Deepfaked Trump’s Chief of Staff in a Phishing Campaign

by admin


For years, a mysterious figure who goes by the handle Stern led the Trickbot ransomware gang and evaded identification—even as other members of the group were outed in leaks and unmasked. This week German authorities revealed, without much fanfare, who they believe that enigmatic hacker kingpin to be: Vi­ta­ly Ni­ko­lae­vich Kovalev, a 36-year-old Russian man who remains at large in his home country.

Closer to home, WIRED revealed that Customs and Border Protection has mouth-swabbed 133,000 migrant children and teenagers to collect their DNA and uploaded their genetic data into a national criminal database used by local, state, and federal law enforcement. As the Trump administration’s migrant crackdown continues, often justified through invocations of crime and terrorism, WIRED also uncovered evidence that ties a Swedish far-right mixed-martial-arts tournament to an American neo-Nazi “fight club” based in California.

For those seeking to evade the US government surveillance, we offered tips about more private alternatives to US-based web browsing, email, and search tools. And we assembled a more general guide to protecting yourself from surveillance and hacking, based on questions our senior writer Matt Burgess received in a Reddit Ask Me Anything.

But that’s not all. Each week, we round up the security and privacy news we didn’t cover in depth ourselves. Click the headlines to read the full stories. And stay safe out there.

The FBI is investigating who impersonated Susie Wiles, the Trump White House’s chief of staff and one of the president’s closest advisers, in a series of fraudulent messages and calls to high-profile Republican political figures and business executives, The Wall Street Journal reported. Government officials and authorities involved in the probe say the spear-phishing messages and calls appear to have targeted individuals on Wiles’ contact list, and Wiles has reportedly told colleagues that her personal phone was hacked to gain access to those contacts.

Despite Wiles’ reported claim of having her device hacked, it remains unconfirmed whether this was actually how attackers identified Wiles’ associates. It would also be possible to assemble such a target list from a combination of publicly available information and data sold by gray-market brokers.

“It’s an embarrassing level of security awareness. You cannot convince me they actually did their security trainings,” says Jake Williams, a former NSA hacker and vice president of research and development at Hunter Strategy. “This is the type of garden-variety social engineering that everyone can end up dealing with these days, and certainly top government officials should be expecting it.”

In some cases, the targets received not just text messages but phone calls that impersonated Wiles’ voice, and some government officials believe the calls may have used artificial intelligence tools to fake Wiles’ voice. If so, that would make the incident one of the most significant cases yet of so-called deepfake software being used in a phishing attempt.

It’s not yet clear how Wiles’ phone might have been hacked, but the FBI has ruled out involvement by a foreign nation in the impersonation campaign, the bureau reportedly told White House officials. In fact, while some of the impersonation attempts appeared to have political goals—a member of Congress, for instance, was asked to assemble a list of people Trump might pardon—in at least one other case the impersonator tried to trick a target into setting up a cash transfer. That attempt at a money grab suggests that the spoofing campaign may be less of an espionage operation than a run-of-the-mill cybercriminal fraud scheme, albeit one with a very high-level target.



Source link

0 comments
0 FacebookTwitterPinterestEmail
Illustration of a hooked email hovering over a mobile phone
Gaming Gear

This dangerous new phishing scam spoofs a top Google program to try and hack Facebook accounts

by admin



  • KnowBe4 is warning of a new phishing campaign leveraging Google AppSheets’ workflow automation
  • The emails are spoofing Facebook and harvesting login credentials
  • The attackers can grab session tokens, as well

Cybercriminals are abusing a legitimate Google service to bypass email protection mechanisms and deliver phishing emails straight to people’s inboxes.

Cybersecurity researchers KnowBe4, who first spotted the attacks, have warned the crooks are using Google AppSheet, a no-code application development platform for mobile and web apps, and through its workflow automation were able to send emails using the “noreply@appsheet.com” address.

The phishing emails are mimicking Facebook, and are designed to trick people into giving away their login credentials, and 2FA codes, for the social media platform.


You may like

2FA codes and session tokens

The emails, which were sent in-bulk and on a fairly large scale, were coming from a legitimate source, successfully bypassing Microsoft and Secure Email Gateways (SEGs) that rely on domain reputation and authentication checks (SPF, DKIM, DMARC).

Furthermore, since AppSheets can generate unique IDs, each email was slightly different, which also helped bypass traditional detection systems.

The emails themselves spoofed Facebook. The crooks tried to trick victims into thinking they infringed on someone’s intellectual property, and that their accounts were due to be deleted within 24 hours.

Unless, of course, they submit an appeal through a conveniently placed “Submit an Appeal” button in the email.

Clicking on the button leads the victim to a landing page impersonating Facebook, where they can provide their login credentials and 2FA codes, which are then relayed to the attackers.

The page is hosted on Vercel which, KnowBe4 says, is a “reputable platform known for hosting modern web applications”. This further strengthens the entire campaign’s credibility.

The attack has a few additional contingencies. The first attempt at logging in returns a “wrong password” result – not because the victim typed in the wrong credential – but in order to confirm the submission.

Also, the 2FA codes that are provided are immediately submitted to Facebook and in return – the crooks grab a session token which grants them persistence even after a password change.

You might also like



Source link

0 comments
0 FacebookTwitterPinterestEmail
Crypto investor loses $2.5M in stablecoins in double phishing scam
Crypto Trends

Crypto investor loses $2.5M in stablecoins in double phishing scam

by admin



A single victim has been scammed two times within three hours, losing a total of $2.5 million in stablecoins.

According to data shared on May 26 by crypto compliance firm Cyvers, the victim sent 843,000 worth of USDt (USDT) followed by another 2.6 million USDt around three hours later. Cyvers said the scam used a method known as a zero-value transfer, a sophisticated form of onchain phishing.

Source: Cyvers Alert

Zero-value transfers are an onchain phishing technique that abuses token transfer functions to trick users into sending real funds to attackers. The attackers exploit the token transferFrom function to transfer zero tokens from the victim’s wallet to a spoofed address.

Since the amount transferred is zero, no signature by the victim’s private key is necessary for onchain inclusion. Consequently, the victims will see the outgoing transaction in their history.

The victim may trust this address since it is included in their transaction history, mistaking it as a known or safe recipient. They may then send real funds to the attacker’s address in a future transaction.

In one high-profile case, a scammer using zero transfer phishing attack managed to steal $20 million worth of USDT before getting blacklisted by the stablecoin’s issuer in the summer of 2023.

Related: Hackers using fake Ledger Live app to steal seed phrases and drain crypto

Advanced form of address poisoning

A Zero-value transfer is considered an evolution of address poisoning — a tactic where attackers send small amounts of cryptocurrency from a wallet address that closely resembles a victim’s real address, often with the same starting and ending characters. The goal is to trick the user into accidentally copying and reusing the attacker’s address in future transactions, resulting in lost funds.

The technique exploits how users often rely on partial address matching or clipboard history when sending crypto. Custom addresses with similar starting and ending characters can also be combined with zero-value transfers.

Related: Industry exec sounds alarm on Ledger phishing letter delivered by USPS

Threat growing across blockchains

A January 2025 study found that over 270 million poisoning attempts occurred on BNB Chain and Ethereum between July 1, 2022, and June 30, 2024. Of those, 6,000 attempts were successful, leading to losses over $83 million.

The report follows crypto cybersecurity firm Trugard and onchain trust protocol Webacy announcing an artificial intelligence-based system for detecting crypto wallet address poisoning. The new tool purportedly has a success score of 97%, tested across known attack cases.

Magazine: Crypto scam hub expose stunt goes viral, Kakao detects 70K scam apps: Asia Express



Source link

0 comments
0 FacebookTwitterPinterestEmail
Best Crypto to Buy as Phishing Scams and Exploits Threaten Web3
NFT Gaming

Best Crypto to Buy as Investors Face Kidnapping, Phishing, and Legal Loopholes

by admin


Trusted Editorial content, reviewed by leading industry experts and seasoned editors. Ad Disclosure

The crypto space has a flair for the dramatic – and scandals are still its favorite subplot.

One day it’s phishing scams turning up in your mailbox like cursed invitations. The next, someone’s being kidnapped over their seed phrase.

And just when you think it can’t get any weirder, a multi-million dollar exploiter walks out of court with a smile and zero jail time. It’s the kind of chaos that gives regulators ulcers and honest investors heartburn.

But here’s the twist: while bad actors steal headlines, a new wave of new crypto projects is quietly building tools that actually help.

These aren’t hype tokens – they’re practical, security-first platforms that could be the grown-ups the industry desperately needs.

If you’re looking for the best crypto to buy in a market full of madness, these three deserve your attention.

When Chaos Reigns: A Quick Reality Check

Think crypto’s getting safer? This week says otherwise.

First up – the kind of story that sounds made up. In Italy, a man was kidnapped and tortured in a mountain cabin for eight days — all so the attacker, a Dutch crypto investor, could steal his wallet passwords. It’s digital greed at its darkest.

Meanwhile, Ledger users received fake phishing letters via USPS. Real envelopes. Fake security alerts. Inside was a malicious QR code urging users to ‘reset’ their wallets.

It looked official, and a major exec called it one of the most sophisticated phishing attempts yet.

And finally, the Mango Markets exploiter who drained $110M. His fraud conviction was overturned. The judge ruled that using a loophole wasn’t technically illegal. He walked free.

The takeaway? Crypto still lacks real protections. But not everyone’s asleep at the wheel. A handful of new projects are using this chaos to build smarter, safer systems – with tools designed to keep your assets and identity intact.

Let’s take a look at the best crypto to buy if you’re ready to invest in the solution, not the problem.

1. Best Wallet Token ($BEST) – The Utility Token That Does More Than Sit in Your Wallet

Best Wallet Token ($BEST) isn’t just another token – it’s quickly earning its place among the best altcoins of 2025, powering one of crypto’s fastest-growing ecosystems.

Built around the Best Wallet app, $BEST gives holders real utility: reduced transaction fees, early access to vetted crypto presales, staking rewards, and even iGaming perks like free spins and lootboxes.

With over $12.6M raised in presale and a current price of $0.025075, $BEST is gaining serious traction.
The token unlocks exclusive features like Upcoming Tokens, a built-in presale platform for partner projects – all without scammy mirror sites or confusing DApps.

There’s also ecosystem governance on the table. As Best Wallet’s user base (already growing at 50% per month) expands, $BEST holders will have a voice in its direction – from feature updates to presale curation.

Backed by Fireblocks’ MPC-CMP security and supported by a 70K-strong social community, $BEST isn’t just a token. It’s a stake in the next wave of secure, user-first crypto infrastructure.

In a market begging for safer tools and real rewards, $BEST stands out as one of the best crypto to buy right now.

2. SUBBD Token ($SUBBD) – Fighting Bots, Boosting Creators, and Backing It All With Data

SUBBD Token ($SUBBD) is doing what few projects dare: calling out the fake numbers that dominate crypto influence.

No more bottled engagement or shady shilling – $SUBBD tracks who actually delivers clicks, conversions, and community growth, and rewards users based on real impact.

At its core, $SUBBD is the first AI-powered content creation and influencer platform that bridges Web2 fame and Web3 transparency.

It lets users create AI-generated images, videos, and avatars with approval from real creators.

Meanwhile, creators use $SUBBD’s built-in AI assistant to manage scheduling, edit content, and boost revenue – all without middlemen taking half their cut.

Over $500K has already been raised in presale, and $SUBBD is currently priced at just $0.0555. With price forecasts putting it between $0.08 and $0.30 by the end of 2025, early believers may be in for real returns.

The platform already boasts a 250M+ combined following across its ambassadors and brands, and offers staking rewards up to 20% APY.

$SUBBD also powers frictionless payments, letting creators get tipped or paid in fiat or crypto – instantly and globally.

In a market plagued by phishing scams and exploiters walking free, $SUBBD brings accountability and transparency back to digital influence.

It’s not just a token. It’s a fix for an $85B creator economy that’s long overdue for disruption.

3. Bittensor ($TAO) – Building Decentralized AI Infrastructure

In a crypto landscape plagued by scams and centralized exploits, Bittensor ($TAO) offers a refreshing alternative: a decentralized, blockchain-based machine learning network.

This open-source protocol incentivizes developers to contribute and refine AI models collaboratively, rewarding them with TAO tokens based on the value they add to the network.

Currently trading at $418.89, TAO has seen a 17% increase over the past month, reflecting growing investor confidence in decentralized AI solutions.

Source: CoinMarketCap.

With a circulating supply of 8.7M tokens and a market cap of approximately $3.4B, Bittensor is gaining traction as a leading project in the AI crypto sector.

In an era where centralized systems are vulnerable to phishing scams and legal loopholes, Bittensor’s decentralized approach to AI development offers a more secure and transparent alternative.

By fostering a collaborative environment for AI innovation, Bittensor not only addresses current security concerns but also lays the groundwork for a more resilient and equitable digital future.

Order in the Chaos

Crypto’s wild side isn’t going anywhere. But projects like Best Wallet Token ($BEST), SUBBD ($SUBBD), and Bittensor ($TAO) are proving that chaos can spark real innovation.

These builders aren’t just dodging scandals – they’re responding with smarter, safer tools for everyone else.
In a world where your password could get you kidnapped, it’s good to know there are still teams fighting the good fight.

Always do your own research (DYOR) before investing in crypto. This article is for informational purposes only and doesn’t constitute financial advice.

Editorial Process for bitcoinist is centered on delivering thoroughly researched, accurate, and unbiased content. We uphold strict sourcing standards, and each page undergoes diligent review by our team of top technology experts and seasoned editors. This process ensures the integrity, relevance, and value of our content for our readers.



Source link

0 comments
0 FacebookTwitterPinterestEmail
Close