
According to blockchain security firm SlowMist, crypto users faced a rise in “psychologically manipulative” attacks in the second quarter.
Lisa, head of operations at SlowMist, explained in the company’s second-quarter MistTrack stolen fund analysis report that although it has not seen advances in hacking technology, these scams have become more complex, with an increase in fake browser extensions, tampered hardware wallets and social engineering attacks.
“Looking back on the second quarter, a trend stands out: Attackers’ approach may not be technically more advanced, but they are becoming more and more psychologically manipulative.”
“We’re seeing a clear shift from purely on-chain attacks to off-chain entry points – browser extensions, social media accounts, authentication flows and user behavior are all becoming common attack surfaces,” Lisa said.
Malicious browser extensions posing as security plugins
Ironically, an emerging attack vector involves browser extensions masquerading as security plugins, such as the “Osiris” Chrome extension, which claims to detect phishing links and suspicious websites.
Instead, the extension intercepts all downloads of .exe, .dmg and .zip files and replaces these files with malicious programs.
“More insidiously, attackers will guide users to visit well-known, commonly used websites, such as Notion or Zoom,” Lisa said.
“When users try to download software from these official websites, the delivered files have been maliciously replaced – but the browser still displays the download as coming from a legitimate source, leaving users barely able to find anything suspicious.”
These programs then collect sensitive information from the user’s computer, including Chrome browser data and macOS Keychain credentials, giving attackers access to seed phrases, private keys or login credentials.
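As a defender-side check on the extension behavior described above, this added example (not from SlowMist's report or the original article) triages an extension's manifest.json for the combination of request-redirect permissions and all-site host access. The article does not say how Osiris swaps downloads; the example assumes it relies on Chrome's request-redirect APIs, and the sample manifests are constructed.

```javascript
// Added example: triage a Chrome extension manifest for download-tampering capability.
// Assumption: swapping a download needs a request-redirect API plus broad host access.
const REDIRECT_APIS = new Set([
  "declarativeNetRequest",               // Manifest V3 rule-based redirects
  "declarativeNetRequestWithHostAccess",
  "webRequestBlocking",                  // Manifest V2 blocking redirects
]);
const BROAD_HOSTS = new Set(["<all_urls>", "*://*/*", "http://*/*", "https://*/*"]);

function auditManifest(manifest) {
  const perms = [...(manifest.permissions || []), ...(manifest.optional_permissions || [])];
  // MV3 lists hosts in host_permissions; MV2 mixes host patterns into permissions.
  const hosts = [...(manifest.host_permissions || []),
    ...(manifest.optional_host_permissions || []), ...perms];
  const redirectApis = perms.filter((p) => REDIRECT_APIS.has(p));
  const broadHosts = [...new Set(hosts.filter((h) => BROAD_HOSTS.has(h)))];
  const touchesDownloads = perms.includes("downloads");
  let risk = "low";
  if (redirectApis.length > 0 || touchesDownloads) risk = "review";
  // Redirect rules only apply on hosts the extension can access, so redirect
  // capability combined with every-site access is the pairing to escalate.
  if (redirectApis.length > 0 && broadHosts.length > 0) risk = "high";
  return { name: manifest.name || "(unnamed)", risk, redirectApis, broadHosts, touchesDownloads };
}

// Constructed sample manifests (not taken from any real extension).
const SAMPLE_SECURITY_PLUGIN = {
  manifest_version: 3, name: "Example Link Guard",
  permissions: ["declarativeNetRequest", "storage", "tabs"],
  host_permissions: ["<all_urls>"],
};
const SAMPLE_NOTE_TAKER = {
  manifest_version: 3, name: "Example Notes", permissions: ["storage", "activeTab"],
};
const SAMPLE_MV2_FILTER = {
  manifest_version: 2, name: "Example Filter",
  permissions: ["webRequest", "webRequestBlocking", "*://*/*"],
};
const SAMPLE_SCOPED_REDIRECT = {
  manifest_version: 3, name: "Example Intranet Helper",
  permissions: ["declarativeNetRequest"],
  host_permissions: ["https://intranet.example/*"],
};

for (const m of [SAMPLE_SECURITY_PLUGIN, SAMPLE_NOTE_TAKER, SAMPLE_MV2_FILTER,
  SAMPLE_SCOPED_REDIRECT]) {
  const r = auditManifest(m);
  console.log(`${r.risk.padEnd(6)} ${r.name} redirect=[${r.redirectApis}] hosts=[${r.broadHosts}]`);
}
```

A "high" result is a prompt to inspect the extension's rules and background script, not proof of malice: legitimate content blockers request the same pairing.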
Attacks preying on crypto users’ anxiety
Another attack method focuses on deceiving crypto investors with tampered hardware wallets, SlowMist said.
In some cases, hackers send users a compromised cold wallet, telling victims that they have won a free device in a “sweepstakes” or that their existing device is compromised and they need to transfer their assets.
In the second quarter, a victim reportedly lost $6.5 million by purchasing a tampered cold wallet they saw on TikTok, Lisa said.
Another attacker sold a victim a hardware wallet that had already been pre-activated, so that once the new user transferred cryptocurrency to it for storage, the attacker could immediately drain the funds.
Social engineering through a forged website
SlowMist said it was also in contact in the second quarter with users who could not revoke a “risk authorization” in their wallets.
After investigating, SlowMist said the site the users were using to revoke a smart contract permission was an “almost perfect clone of the popular Revoke Cash interface” that required users to enter their private key to “check risk signatures.”
“After analyzing the front-end code, we confirm that the website uses email to send user inputs (including private keys and addresses) to the attacker’s email inbox.”
“These social engineering attacks are not technically complex, but they are good at leveraging urgency and trust,” Lisa said.
“Attackers know that phrases such as ‘risk signatures detected’ can trigger panic, prompting users to act hastily. Once an emotional state is triggered, they can be easily manipulated into doing things they usually wouldn’t, such as clicking on a link or sharing sensitive information.”
Attacks leverage Pectra upgrade, WeChat friends
Other attacks included phishing techniques that exploit EIP-7702, which was introduced in Ethereum’s latest Pectra upgrade, while another targeted several WeChat users by taking control of their accounts.
Cointelegraph Magazine recently reported that the attackers used WeChat’s account recovery system to take control of an account, impersonating the real owner to scam their contacts with discounted Tether (USDT).
SlowMist’s second-quarter data comes from 429 stolen fund reports submitted to the company in the second quarter.
The company said it had frozen and recovered about $12 million for 11 victims who had cryptocurrency stolen in the second quarter.