Recently, multiple users reported mobile wallet app attacks by Trojan viruses. These Trojans disguise themselves as harmless apps or plug-ins but aim to steal wallet mnemonic phrases and private keys to access tokens.
Trojan viruses spread through phishing links, fake apps, or malicious plug-ins. They quietly scan wallet apps for sensitive information, enabling easy theft of the user's tokens once obtained.
Conference Software Trojan
Tom is a KOL in the crypto space and often posts tweets on Twitter. One day, a person claiming to be from Earlybird VC contacted Tom on Twitter and paid Tom to do some translation for her.
She recommended Tom to use a special conference software, claiming that the software has advanced AI real-time translation functions to facilitate meeting communication. Tom trusted and downloaded and the App. Initially, everything seemed normal. However, he later discovered multiple unknown transfers in his transaction records to unfamiliar addresses. By the time he realized, it was too late – his wallets had been wiped out and lost at least $150,000.
The conferencing software was actually a sophisticated Trojan horse program. Investigation showed its domain name was newly registered this year, and its IP address was flagged as malicious by Google Chrome. Upon Tom's download, the Trojan activated in his mobile system, stealing his wallet files, passwords, and tokens from multiple wallets. Additionally, it extracted various account permissions and system information from Tom's phone, compromising personal privacy.
PSA:
- Remain vigilant and thoroughly verify any invitations or offers from unfamiliar sources to prevent falling prey to scams.
- Exercise caution with newly registered domain names and IP addresses flagged as malicious, refraining from downloading or using associated software to mitigate security risks.
imToken Is Always Protecting Your Token Security
Risk Control
In January, imToken marked a total of 1,075 risky tokens; banned 1,071 risky DApp websites; and marked 77,333 risky addresses.
In addition, if you find any suspiciously risky tokens or DApps, please give us timely feedback: support@token.im to help more users avoid asset losses.
Closing Thoughts
With scams continually evolving, it is indeed challenging for average users to fully prevent them. imToken is committed to rapidly detecting issues and finding solutions, providing timely messages to the community, and educating users about various types of scams to protect them from losses.
We encourage you to read and share imToken Wallet Security Monthly Report and join hands with imToken to safeguard your token security.