Warning ❗️ An attack on thematic @telegram crypto chats ongoing now. The attackers use an account named "Smokes Night" to spread Echelon malware by dropping a file into the chat room.
TLDR: Disable auto-downloading in Telegram settings right now.
In this convo I explained the attack (passive XSS) with using animated @telegram stickers, same as attackers did against @opensea users a month ago. Just to add on topic. Remember to keep “Loop Animated Stickers” setting off as well.
GN! Another very serious thread/manifest in which I would like to bring up an important problem. It is called cybersquatting. I will explain everything in details 👇
1/X So, let's begin. What exactly is cybersquatting? Cybersquatting is the bad-faith registration and use of a domain name that would be considered confusingly similar to an existing trademark, for example CADDNA.org or AppleProducts.com.
2/X Cybersquatters often conduct a variety of illegal and illicit practices: they can deliver malware, sell counterfeit goods, host phishing schemes, steal identities, and make money from deceptive advertising ruses.
According to @_CPResearch_, users of the Metamask and Phantom crypto wallets, as well as the Pancake platform, were victims of a crypto-fishing scam that stole more than $500,000.
In this thread I ll try to explain how did attackers do that in my own words 👇
1/X
When searching in google on crypto keywords such as “metamask” the spoofed links would appear at the top of search results. When clicked, the link would redirect to a “white” page and serve phishing content in the native language of the geographic region of the victim.
2/X
This attack method is called "cloaking". Cloaking refers to the practice of presenting different content or URLs to human users and search engines.
Greetings, Dear Community! ❤️ Today I would like to tell you about blockchain forensics a bit more!
👇
To determine if a wallet is related to suspicious activity, services cluster addresses on the blockchain belonging to the same owner. Clustering most often uses two heuristics: the total spend heuristic and the surrender heuristic.
The first clusters addresses that are separate inputs of the same transaction. Since different addresses send funds in the same transaction and have access to each other's private keys, we can assume that these addresses share the same owner.