Bitcoin
Bitcoin (BTC)
$101,978.00 -0.01743
Bitcoin price
Ethereum
Ethereum (ETH)
$3,886.40 -0.85511
Ethereum price
BNB
BNB (BNB)
$717.01 -1.16322
BNB price
Solana
Solana (SOL)
$221.03 -2.04048
Solana price
XRP
XRP (XRP)
$2.42 -0.41881
XRP price
Shiba Inu
Shiba Inu (SHIB)
$0.0000275 -3.69732
Shiba Inu price
Pepe
Pepe (PEPE)
$0.0000235 -3.69173
Pepe price
Bonk
Bonk (BONK)
$0.0000365 -6.14043
Bonk price
dogwifhat
dogwifhat (WIF)
$2.84 -3.62068
dogwifhat price
Popcat
Popcat (POPCAT)
$1.10 -9.08798
Popcat price
Bitcoin
Bitcoin (BTC)
$101,978.00 -0.01743
Bitcoin price
Ethereum
Ethereum (ETH)
$3,886.40 -0.85511
Ethereum price
BNB
BNB (BNB)
$717.01 -1.16322
BNB price
Solana
Solana (SOL)
$221.03 -2.04048
Solana price
XRP
XRP (XRP)
$2.42 -0.41881
XRP price
Shiba Inu
Shiba Inu (SHIB)
$0.0000275 -3.69732
Shiba Inu price
Pepe
Pepe (PEPE)
$0.0000235 -3.69173
Pepe price
Bonk
Bonk (BONK)
$0.0000365 -6.14043
Bonk price
dogwifhat
dogwifhat (WIF)
$2.84 -3.62068
dogwifhat price
Popcat
Popcat (POPCAT)
$1.10 -9.08798
Popcat price
Bitcoin
Bitcoin (BTC)
$101,978.00 -0.01743
Bitcoin price
Ethereum
Ethereum (ETH)
$3,886.40 -0.85511
Ethereum price
BNB
BNB (BNB)
$717.01 -1.16322
BNB price
Solana
Solana (SOL)
$221.03 -2.04048
Solana price
XRP
XRP (XRP)
$2.42 -0.41881
XRP price
Shiba Inu
Shiba Inu (SHIB)
$0.0000275 -3.69732
Shiba Inu price
Pepe
Pepe (PEPE)
$0.0000235 -3.69173
Pepe price
Bonk
Bonk (BONK)
$0.0000365 -6.14043
Bonk price
dogwifhat
dogwifhat (WIF)
$2.84 -3.62068
dogwifhat price
Popcat
Popcat (POPCAT)
$1.10 -9.08798
Popcat price
Bitcoin
Bitcoin (BTC)
$101,978.00 -0.01743
Bitcoin price
Ethereum
Ethereum (ETH)
$3,886.40 -0.85511
Ethereum price
BNB
BNB (BNB)
$717.01 -1.16322
BNB price
Solana
Solana (SOL)
$221.03 -2.04048
Solana price
XRP
XRP (XRP)
$2.42 -0.41881
XRP price
Shiba Inu
Shiba Inu (SHIB)
$0.0000275 -3.69732
Shiba Inu price
Pepe
Pepe (PEPE)
$0.0000235 -3.69173
Pepe price
Bonk
Bonk (BONK)
$0.0000365 -6.14043
Bonk price
dogwifhat
dogwifhat (WIF)
$2.84 -3.62068
dogwifhat price
Popcat
Popcat (POPCAT)
$1.10 -9.08798
Popcat price

Hackers target Coinbase, Binance staff with phishing clones of Gmail, iCloud

hackers-target-coinbase-binance-staff-with-phishing-clones-of-gmail-icloud
Edited by
News
Hackers target Coinbase, Binance staff with phishing clones of Gmail, iCloud

Cybersecurity researchers have identified a new phishing toolkit dubbed CryptoChameleon, which targets employees of Coinbase, Binance, Gemini, and Kraken.

A phishing campaign employing a new toolkit dubbed CryptoChameleon has emerged, targeting Federal Communications Commission (FCC) employees as well as staff of crypto companies like Coinbase, Binance, Gemini, Kraken, ShakePay, and Trezor.

Hackers target Coinbase, Binance staff with phishing clones of Gmail, iCloud - 1
Phishining clone of Coinbase sign in page | Source: Lookout

As reported by analysts at cybersecurity firm Lookout, the attackers craft convincing single sign-on pages for Okta, a cloud service provider for authentication, resembling authentic ones. The multi-stage social engineering attack also involves emails, SMS, and voice phishing to trick the target into sharing usernames, passwords, password reset URLs and even photo IDs from victims, mostly located in the U.S., the firm says.

“This phishing kit first asks the victim to complete a captcha using hCaptcha. This is a novel tactic that prevents automated analysis tools from crawling and identifying the phishing site.”

Lookout

The phishing kit uses real-time interaction with victims, allowing customization of pages to include phone number digits, enhancing legitimacy. Analysis by Lookout revealed over 100 successful phishing attempts and ongoing phishing activity, primarily hosted on servers by Hostwinds, Hostinger, and Russia-based RetnNet.

At the time of writing, neither Coinbase nor Binance, Kraken, or Gemini has released public statements regarding the matter. It also remains unclear whether the hackers have gained unauthorized access to private data.

In January, analysts at the blockchain security firm SlowMist disclosed that more than 80% of comments on publications of prominent projects on X were related to phishing software. According to the firm, scammers have been actively acquiring X accounts for fraudulent activities on Telegram, a popular cloud messaging platform, mainly targeting well-known crypto projects.