Hackers are breaching scam sites to hijack crypto transactions (Security News, October 2022)

In a perfect example of there being no honor among thieves, a threat actor named 'Water Labbu' is hacking into cryptocurrency scam sites to inject malicious JavaScript that steals funds from the scammer's victims.
In July, the FBI warned of scam 'dApps' that impersonated cryptocurrency liquidity mining services but, in reality, stole a victim's crypto investments.
Instead of creating their own scam sites, Water Labbu hacks into these types of fake dApp sites and injects JavaScript code into the site's HTML. The hackers do not engage with the victims and instead leave all the social engineering work to the scammers.
The script monitors newly connected wallets on the scam sites and retrieves the address and balances of TetherUSD and Ethereum wallets.
For Windows users, the hacked sites will show a fake Flash Player update notice overlaid on the scam site instead. The Flash installer is, in reality, a backdoor fetched directly from GitHub.
Periodically review your wallet's allowed sites to make sure you did not inadvertently add a scam site.