Threat Actors Taking Advantage of FTX Bankruptcy 

Tips & Advice

Authored by Oliver Devane 

It hasn’t taken malicious actors long to take advantage of the recent bankruptcy filing of FTX,  McAfee has discovered several phishing sites targeting FTX users.  

One of the sites discovered was registered on the 15th of November and asks users to submit their crypto wallet phrase to receive a refund. After entering this phrase, the creators of the site would gain access to the victim’s crypto wallet and they would likely transfer all the funds out of it. 

Upon analyzing the website code used to create the phishing sites, we noticed that they were extremely similar to previous sites targeting WalletConnect customers, so it appears that they likely just modified a previous phishing kit to target FTX users.  

The image below shows a code comparison between a website from June 2022, and it shows that the FTX phishing site shares most of its code with it.  

McAfee urges anyone who was using FTX to be weary of any unsolicited emails or social media messages they receive and to double-check the authenticity before accessing them. If you are unsure of the signs to look for, please check out the McAfee Scam education portal (https://www.mcafee.com/consumer/en-us/landing-page/retention/scammer-education.html) 

McAfee customers are protected against the sites mentioned in this blog 

Type  Value  Product  Detected 
URL  ftx-users-refund[.]com  McAfee WebAdvisor  Blocked 
URL  ftx-refund[.]com  McAfee WebAdvisor  Blocked 

Products You May Like

Articles You May Like

CISOs Turn to Indemnity Insurance as Breach Pressure Mounts
Massive Telecom Hack Exposes US Officials to Chinese Espionage
EU Ramps Up Cyber Resilience with Major Crisis Simulation Exercise
Bitcoin Fog Founder Sentenced to 12 Years for Cryptocurrency Money Laundering
Palo Alto Advises Securing PAN-OS Interface Amid Potential RCE Threat Concerns

Leave a Reply

Your email address will not be published. Required fields are marked *