1/7 #Kucoin - How easily you can fall victim to #phishing and find your wallet empty.
A short video on how hackers are still masking and redirecting their phishing URL to the legit Kucoin website, loading in malicious cookies/scripts @kucoincom @lyu_johnny
2/7 What happens after that?
Short answer: hackers activate a master API that bypasses login, withdrawal and notification measures. IP and location are correct. This fools you and the Kucoin security as well. Hackers wipe everything, leaving spare change. @kucoincom @lyu_johnny
3/7 What happened in 8 steps:
1. User opens phishing website from Google Ads
2. Fake URL website is instantly masked/redirected to KuCoin .com
3. Malicious cookies/scripts are now saved in your browser
4. You input email, password or QR Code and 2FA
...continue @kucoincom @lyu_johnny
4/7 — the hackers are already in your account now and are ready to create a master API —
6. Kucoin asks for an email login code
7. Hackers instead send you an email with a code to activate a master API
...continue @kucoincom @lyu_johnny
5/7
8. You are logged into your trading account now and the hackers have successfully created the API that blocks your IP and bypasses any security restriction; they will liquidate your positions and withdraw the funds.
...continue @kucoincom @lyu_johnny
6/7 Users' faults apart, we think Kucoin security has its part in this fail.
- They didn't recognize in numerous steps the intrusion of hackers.
- Every account can easily activate such a powerful API, yet 95% of users will never use it; hackers will. @kucoincom @lyu_johnny
7/7 This was a short explanation of what is still happening, and why we hope Kucoin will do more than just sending copycat support emails. We'll post the hackers' withdrawals and wallets, hoping to spare others the same fate and maybe find a way to be helped @kucoincom @lyu_johnny
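
A detection sketch for the sequence the thread describes (login, then a first API key with withdrawal rights, then withdrawal through that API), added here as an example and not code from the thread's author or from KuCoin. The event schema, field names and the 10-minute window are assumptions, and the sample events are constructed.

```python
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=10)  # assumed correlation window

# Constructed audit events in a hypothetical schema (not an exchange's real log format).
EVENTS = [
    {"ts": "2023-01-05T10:00:00", "user": "alice", "type": "login"},
    {"ts": "2023-01-05T10:02:00", "user": "alice", "type": "api_key_created",
     "permissions": ["trade", "withdraw"]},
    {"ts": "2023-01-05T10:05:00", "user": "alice", "type": "withdrawal", "via": "api"},
    {"ts": "2023-01-05T09:00:00", "user": "bob", "type": "login"},
    {"ts": "2023-01-05T09:30:00", "user": "bob", "type": "api_key_created",
     "permissions": ["trade"]},
    {"ts": "2023-01-05T09:40:00", "user": "bob", "type": "withdrawal", "via": "web"},
]

def detect(events):
    """Return {user: [findings]} for login -> withdraw-capable key -> API withdrawal."""
    findings = {}
    last_login = {}   # user -> time of most recent login
    had_key = set()   # users seen creating any API key earlier in the log
    risky_key = {}    # user -> creation time of a flagged key
    for ev in sorted(events, key=lambda e: datetime.fromisoformat(e["ts"])):
        user, t = ev["user"], datetime.fromisoformat(ev["ts"])
        if ev["type"] == "login":
            last_login[user] = t
        elif ev["type"] == "api_key_created":
            soon = user in last_login and t - last_login[user] <= WINDOW
            first = user not in had_key  # most users never create a key at all
            if "withdraw" in ev["permissions"] and soon and first:
                risky_key[user] = t
                findings.setdefault(user, []).append(
                    "first API key with withdraw rights right after login")
            had_key.add(user)
        elif ev["type"] == "withdrawal" and ev.get("via") == "api":
            if user in risky_key and t - risky_key[user] <= WINDOW:
                findings[user].append("API withdrawal shortly after key creation")
    return findings

if __name__ == "__main__":
    for user, notes in detect(EVENTS).items():
        print(user, notes)
```

A first finding alone is a reasonable point to hold the new key pending out-of-band confirmation; the second indicates funds are already moving.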