Terra users lost more than $4 million in a phishing attack
- April 22, 2022
- 0
From April 12 to April 21, dozens of Terra network users fell victim to a phishing attack. SlowMist experts said that the attacker received $4.31 million worth of
From April 12 to April 21, dozens of Terra network users fell victim to a phishing attack. SlowMist experts said that the attacker received $4.31 million worth of crypto assets.
According to the SlowMist intelligence site, a large number of users on the Terra network have recently had their funds stolen.
From 4/12 to 4/21, close to $4.31 million worth of assets were maliciously transferred to terra1fz57nt6t3nnxel6q77wsmxxdesn7rgy0h27x3 from approximately 52 different addresses.
— SlowMist (@SlowMist_Team) 21 April 2022
The attacker used phishing ads on Google. According to the firm’s analysts, the calculation was that users would search for well-known projects in the Terra ecosystem, such as Anchor or Astroport.
The search returned results similar to the actual site in the first rows. In some cases, the correct domain was even specified, but changed after clicking the link.
Our security team did an analysis of this incident and discovered that most of this attack came from google phishing ads. Users search for well-known projects on the Terra blockchain. @anchor_protocol or @astroport_fi just to click the first link by google. pic.twitter.com/aucIcnsCd7
— SlowMist (@SlowMist_Team) 21 April 2022
In the window that opens, the victim is asked to tie his wallet and enter a seed phrase. This allowed assets to be withdrawn from it without authorization.
These may look like regular ads, and some even show the same domains, but when you click on the link, the domain actually changes. When clicked, you will be prompted to link your wallet, but instead of connecting, users are prompted to enter their seed phrases. pic.twitter.com/OZjifaJ17m
— SlowMist (@SlowMist_Team) 21 April 2022
SlowMist experts advised Terra users not to click on Google ads or links to suspicious sources.
“This will help reduce the likelihood of becoming a victim of phishing,” they stressed.
Within ten days, the attacker’s wallet received funds from 54 different addresses.
Recall that the MetaMask unattended wallet team warned users of the risks of storing data in Apple iCloud due to possible phishing attacks.
Source: Fork Log
I’m Sandra Torres, a passionate journalist and content creator. My specialty lies in covering the latest gadgets, trends and tech news for Div Bracket. With over 5 years of experience as a professional writer, I have built up an impressive portfolio of published works that showcase my expertise in this field.
