Unconventional Process
The attacker, posing as a journalist, invited unsuspecting influencers to two-hour interviews on Telegram. To compromise Friend.tech, the hacker crafted malicious JavaScript. After the seemingly legitimate conversation, influencers were asked to fill out a form, which was in reality a phishing page.
Deceptive Tactics
The phishing page required users to confirm their "ownership rights" to their Friend.tech account. To complete the verification, influencers were instructed to drag the "Verify" button to their bookmarks bar and follow a link. Unbeknownst to them, the button contained malicious JavaScript. A link saved to the bookmarks bar this way is a bookmarklet, and its code runs inside whatever page is open when the bookmark is clicked, which granted the hacker access to passwords and user tokens stored in the Privy wallet.
Protecting Against Phishing Attacks
SlowMist advises gaining a thorough understanding of social engineering, which is increasingly favored by cybercriminals. Users are also urged to avoid unfamiliar links, learn to identify phishing pages (often marked by typos in fake domains), and consider using plugins like the recently launched MetaMask feature for phishing protection.
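As a complement to this advice, the following added example (not from SlowMist or Friend.tech) audits a Chromium-style `Bookmarks` JSON file for the kind of bookmark described under "Deceptive Tactics": an entry whose address is `javascript:` code. The indicator list is a heuristic assumption, and the sample tree is constructed and inert.

```javascript
// Added example: flag bookmarklets in a Chromium-style "Bookmarks" JSON tree.
// Heuristic (assumption): page-data and network APIs a bookmarklet would need
// in order to read session material or send it elsewhere.
const INDICATORS = [
  /document\.cookie/i, /localStorage/i, /sessionStorage/i, /indexedDB/i,
  /\bfetch\b/i, /XMLHttpRequest/i, /sendBeacon/i,
  /createElement\s*\(\s*['"`]script/i, /\beval\s*\(/i, /\batob\s*\(/i,
];

// Bookmarklets are often percent-encoded; tolerate malformed escapes.
function decodeLoose(s) {
  try { return decodeURIComponent(s); } catch { return s; }
}

function auditBookmarks(node, path = [], findings = []) {
  if (!node || typeof node !== 'object') return findings;
  const url = String(node.url || '').trim();
  if (node.type === 'url' && /^javascript:/i.test(url)) {
    const body = decodeLoose(url.slice('javascript:'.length));
    const hits = INDICATORS.filter((re) => re.test(body)).map((re) => re.source);
    findings.push({
      name: node.name,
      folder: path.join('/'),
      severity: hits.length ? 'high' : 'review', // every bookmarklet gets a look
      hits,
    });
  }
  const childPath = node.name ? [...path, node.name] : path;
  for (const child of node.children || []) auditBookmarks(child, childPath, findings);
  return findings;
}

function auditFile(bookmarksJson) {
  const findings = [];
  for (const root of Object.values(bookmarksJson.roots || {})) auditBookmarks(root, [], findings);
  return findings;
}

// Constructed sample: the "Verify" entry only references the APIs, it sends nothing.
const SAMPLE = { roots: {
  bookmark_bar: { type: 'folder', name: 'Bookmarks bar', children: [
    { type: 'url', name: 'Docs', url: 'https://example.com/docs' },
    { type: 'url', name: 'Verify', url: 'javascript:void [localStorage.length, typeof fetch]' },
    { type: 'folder', name: 'Tools', children: [
      { type: 'url', name: 'Dark mode', url: 'javascript:document.body.style.background=%22%23111%22;void 0' },
    ] },
  ] },
  other: { type: 'folder', name: 'Other bookmarks', children: [] },
} };

console.log(JSON.stringify(auditFile(SAMPLE), null, 2));
```

To check a real profile, pass the parsed contents of the browser profile's `Bookmarks` file to `auditFile` instead of `SAMPLE`.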
Previous Friend.tech Breaches
In early October, numerous Friend.tech users reported breaches and digital asset theft. SlowMist experts pointed to weaknesses in the social network's security, emphasizing how easy it is to create an account with just an email address and phone number.