From Web3 crypto drainers to... Brute force?

Plot twist: Hackers have switched up their campaign to launch distributed brute force attacks against thousands of WordPress websites from the browsers of unsuspecting visitors. Research by Denis
sucur.it/3T7f9A2

I'm back, did you miss me? I have some huge news!

Over the last year and a half, I've been working on something big in secret with the rest of the crypto security community. Today, we're finally ready to reveal ourselves to the world. We are Security Alliance

first time I've seen this scam, so posting it as a heads up for users and interfaces

someone bought the ens '[myEthereumAddress].eth'

so when you paste in my address, the top result in some UIs is an ens match instead of the resolved ENS name

impt for UIs to filter these out

1/ It’s 2024 and we are still seeing far too many teams getting SIM swapped or phished on a regular basis resulting in millions stolen.

So here are some tips EVERY team should follow to secure their X (Twitter) account and what to prioritize if an account becomes compromised.

We understand the devastating victim impact of romance scams. This Chainabuse video will help you learn how to protect your loved ones.

Chainabuse: a free platform for crypto safety resources - report your case and get free support: safety.chainabuse.com

Community Alert: Phishing emails are currently being sent out that appear to be from CoinTelegraph, Wallet Connect, Token Terminal and DeFi team emails.

~$580K has been stolen so far
0xe7D13137923142A0424771E1778865b88752B3c7

1/ 🚨 Over $4M in assets have been stolen by sophisticated Solana wallet drainers, and nearly 4k users have fallen victim to these phishing attacks in the past month.

🛑 #CLINKSINK Drainer Campaigns.

▪ Ref: mandiant.com/resources/blog…
▪ Hunting domains with URLscan: urlscan.io/search/#domain…
▪ Config script (matrica[.]business/node.js): raw.githubusercontent.com/CronUp/EnAnali…
▪ 145 related domains:
ahash[.]network
airdrop-jito[.]network
airdrop-jup[.]live…

🚨 If you're reading this, please stop what you are doing and go to your Twitter settings

Click 'Account Info'

Make sure there is NO phone number in the phone number field

Do NOT assume there is no phone number there

Actually click 2 times and make damn fucking sure

🚨 Scam Sniffer's 2023 Report is out! Nearly $300M stolen by phishing campaign targeting crypto wallets - affecting over 324K victims. 🕵️‍♂️

📈 Trends show no sign of slowing, as new drainers emerge to replace the old. Stay vigilant & informed:

drops.scamsniffer.io/post/scam-snif…

Just published our (8th) annual:
'The Mac Malware of <Year>' white paper: objective-see.org/blog/blog_0x77…

It's a technical deep dive into every new macOS malware specimen of 2023, detailing:
💉 Infection
💾 Persistence
📡 Capabilities

...plus samples, detections, & more! 👾🍎💻

Orbit Bridge Hack looking v methodical 👀

Looks like 2024 is going to be another year of handing DPRK billions of dollars on a silver platter. 🙄

embarrassing af.