• bitcoinBitcoin (BTC) $ 93,786.00
  • ethereumEthereum (ETH) $ 3,283.32
  • tetherTether (USDT) $ 0.999756
  • xrpXRP (XRP) $ 2.38
  • bnbBNB (BNB) $ 921.07
  • usd-coinUSDC (USDC) $ 0.999924
  • staked-etherLido Staked Ether (STETH) $ 3,281.71
  • tronTRON (TRX) $ 0.292185
  • dogecoinDogecoin (DOGE) $ 0.152636
  • cardanoCardano (ADA) $ 0.427236
  • figure-helocFigure Heloc (FIGR_HELOC) $ 1.03
  • wrapped-stethWrapped stETH (WSTETH) $ 4,021.03
  • bitcoin-cashBitcoin Cash (BCH) $ 635.32
  • whitebitWhiteBIT Coin (WBT) $ 58.77
  • wrapped-beacon-ethWrapped Beacon ETH (WBETH) $ 3,571.96
  • wrapped-bitcoinWrapped Bitcoin (WBTC) $ 93,539.00
  • wrapped-eethWrapped eETH (WEETH) $ 3,565.21
  • chainlinkChainlink (LINK) $ 14.10
  • usdsUSDS (USDS) $ 0.999653
  • binance-bridged-usdt-bnb-smart-chainBinance Bridged USDT (BNB Smart Chain) (BSC-USD) $ 0.999760
  • wethWETH (WETH) $ 3,285.53
  • zcashZcash (ZEC) $ 514.44
  • moneroMonero (XMR) $ 442.86
  • leo-tokenLEO Token (LEO) $ 8.90
  • stellarStellar (XLM) $ 0.249443
  • suiSui (SUI) $ 1.97
  • coinbase-wrapped-btcCoinbase Wrapped BTC (CBBTC) $ 93,764.00
  • hyperliquidHyperliquid (HYPE) $ 27.12
  • litecoinLitecoin (LTC) $ 84.10
  • ethena-usdeEthena USDe (USDE) $ 1.00
  • avalanche-2Avalanche (AVAX) $ 14.62
  • hedera-hashgraphHedera (HBAR) $ 0.133572
  • shiba-inuShiba Inu (SHIB) $ 0.000009
  • canton-networkCanton (CC) $ 0.141537
  • world-liberty-financialWorld Liberty Financial (WLFI) $ 0.175273
  • the-open-networkToncoin (TON) $ 1.94
  • susdssUSDS (SUSDS) $ 1.08
  • usdt0USDT0 (USDT0) $ 0.999689
  • daiDai (DAI) $ 0.999446
  • crypto-com-chainCronos (CRO) $ 0.110403
  • uniswapUniswap (UNI) $ 6.20
  • polkadotPolkadot (DOT) $ 2.23
  • mantleMantle (MNT) $ 1.13
  • paypal-usdPayPal USD (PYUSD) $ 0.998959
  • ethena-staked-usdeEthena Staked USDe (SUSDE) $ 1.21
  • usd1-wlfiUSD1 (USD1) $ 1.00
  • rainRain (RAIN) $ 0.009027
  • pepePepe (PEPE) $ 0.000007
  • memecoreMemeCore (M) $ 1.63
  • bittensorBittensor (TAO) $ 292.08
  • aaveAave (AAVE) $ 173.91
  • bitget-tokenBitget Token (BGB) $ 3.58
  • okbOKB (OKB) $ 115.55
  • nearNEAR Protocol (NEAR) $ 1.82
  • tether-goldTether Gold (XAUT) $ 4,482.22
  • falcon-financeFalcon USD (USDF) $ 0.997714
  • ethereum-classicEthereum Classic (ETC) $ 13.39
  • jito-staked-solJito Staked SOL (JITOSOL) $ 177.70
  • ethenaEthena (ENA) $ 0.255747
  • binance-peg-wethBinance-Peg WETH (WETH) $ 3,287.03
  • internet-computerInternet Computer (ICP) $ 3.50
  • aster-2Aster (ASTER) $ 0.792560
  • pi-networkPi Network (PI) $ 0.213552
  • solanaSolana (SOL) $ 142.00
  • blackrock-usd-institutional-digital-liquidity-fundBlackRock USD Institutional Digital Liquidity Fund (BUIDL) $ 1.00
  • worldcoin-wldWorldcoin (WLD) $ 0.640896
  • pax-goldPAX Gold (PAXG) $ 4,495.15
  • jupiter-perpetuals-liquidity-provider-tokenJupiter Perpetuals Liquidity Provider Token (JLP) $ 4.85
  • hash-2Provenance Blockchain (HASH) $ 0.029579
  • htx-daoHTX DAO (HTX) $ 0.000002
  • hashnote-usycCircle USYC (USYC) $ 1.11
  • global-dollarGlobal Dollar (USDG) $ 0.999716
  • kucoin-sharesKuCoin (KCS) $ 11.61
  • binance-staked-solBinance Staked SOL (BNSOL) $ 154.98
  • pump-funPump.fun (PUMP) $ 0.002533
  • aptosAptos (APT) $ 1.98
  • skySky (SKY) $ 0.063818
  • ondo-financeOndo (ONDO) $ 0.463688
  • syrupusdcsyrupUSDC (SYRUPUSDC) $ 1.15
  • kaspaKaspa (KAS) $ 0.052499
  • polygon-ecosystem-tokenPOL (ex-MATIC) (POL) $ 0.132173
  • rocket-pool-ethRocket Pool ETH (RETH) $ 3,792.02
  • ripple-usdRipple USD (RLUSD) $ 1.00
  • wbnbWrapped BNB (WBNB) $ 921.13
  • bfusdBFUSD (BFUSD) $ 0.999352
  • binance-bridged-usdc-bnb-smart-chainBinance Bridged USDC (BNB Smart Chain) (USDC) $ 0.999871
  • render-tokenRender (RENDER) $ 2.53
  • algorandAlgorand (ALGO) $ 0.144825
  • arbitrumArbitrum (ARB) $ 0.224451
  • midnight-3Midnight (NIGHT) $ 0.077181
  • gatechain-tokenGate (GT) $ 10.64
  • cosmosCosmos Hub (ATOM) $ 2.54
  • kelp-dao-restaked-ethKelp DAO Restaked ETH (RSETH) $ 3,489.67
  • filecoinFilecoin (FIL) $ 1.59
  • quant-networkQuant (QNT) $ 79.57
  • vechainVeChain (VET) $ 0.013036
  • official-trumpOfficial Trump (TRUMP) $ 5.58
  • bonkBonk (BONK) $ 0.000012
  • flare-networksFlare (FLR) $ 0.012854
  • ignition-fbtcFunction FBTC (FBTC) $ 94,268.00
  • xdce-crowd-saleXDC Network (XDC) $ 0.053623
  • janus-henderson-anemoy-aaa-clo-fundJanus Henderson Anemoy AAA CLO Fund (JAAA) $ 1.02
  • lombard-staked-btcLombard Staked BTC (LBTC) $ 93,875.00
  • bridged-wrapped-lido-staked-ether-scrollBridged Wrapped Lido Staked Ether (Scroll) (WSTETH) $ 4,001.86
  • solv-btcSolv Protocol BTC (SOLVBTC) $ 93,660.00
  • nexoNEXO (NEXO) $ 0.999812
  • liquid-staked-ethereumLiquid Staked ETH (LSETH) $ 3,485.63
  • myx-financeMYX Finance (MYX) $ 4.78
  • sei-networkSei (SEI) $ 0.133770
  • usddUSDD (USDD) $ 0.999694
  • mantle-staked-etherMantle Staked Ether (METH) $ 3,560.92
  • usdtbUSDtb (USDTB) $ 0.998802
  • pudgy-penguinsPudgy Penguins (PENGU) $ 0.013239
  • ousgOUSG (OUSG) $ 113.87
  • lighterLighter (LIT) $ 3.16
  • wrappedm-by-m0WrappedM by M^0 (WM) $ 1.00
  • superstate-short-duration-us-government-securities-fund-ustbSuperstate Short Duration U.S. Government Securities Fund (USTB) (USTB) $ 10.95
  • arbitrum-bridged-wbtc-arbitrum-oneArbitrum Bridged WBTC (Arbitrum One) (WBTC) $ 93,863.00
  • jupiter-exchange-solanaJupiter (JUP) $ 0.236175
  • wrapped-flareWrapped Flare (WFLR) $ 0.012866
  • bridged-usdc-polygon-pos-bridgePolygon Bridged USDC (Polygon PoS) (USDC.E) $ 0.999703
  • clbtcclBTC (CLBTC) $ 94,573.00
  • renzo-restaked-ethRenzo Restaked ETH (EZETH) $ 3,507.85
  • virtual-protocolVirtuals Protocol (VIRTUAL) $ 1.12
  • story-2Story (IP) $ 2.09
  • pancakeswap-tokenPancakeSwap (CAKE) $ 2.11
  • syrupusdtsyrupUSDT (SYRUPUSDT) $ 1.11
  • morphoMorpho (MORPHO) $ 1.30
  • fetch-aiArtificial Superintelligence Alliance (FET) $ 0.303176
  • beldexBeldex (BDX) $ 0.091136
  • ondo-us-dollar-yieldOndo US Dollar Yield (USDY) $ 1.11
  • blockstackStacks (STX) $ 0.378445
  • stakewise-v3-osethStakeWise Staked ETH (OSETH) $ 3,463.71
  • jupiter-staked-solJupiter Staked SOL (JUPSOL) $ 164.75
  • usdaiUSDai (USDAI) $ 1.00
  • l2-standard-bridged-weth-baseL2 Standard Bridged WETH (Base) (WETH) $ 3,285.39
  • optimismOptimism (OP) $ 0.333176
  • polygon-pos-bridged-dai-polygon-posPolygon PoS Bridged DAI (Polygon POS) (DAI) $ 0.999770
  • curve-dao-tokenCurve DAO (CRV) $ 0.429722
  • tezosTezos (XTZ) $ 0.585331
  • kinetic-staked-hypeKinetiq Staked HYPE (KHYPE) $ 27.41
  • spx6900SPX6900 (SPX) $ 0.653762
  • injective-protocolInjective (INJ) $ 5.76
  • flokiFLOKI (FLOKI) $ 0.000059
  • c8ntinuumc8ntinuum (CTM) $ 0.130352
  • lido-daoLido DAO (LDO) $ 0.673289
  • dashDash (DASH) $ 45.46
  • tbtctBTC (TBTC) $ 93,699.00
  • usual-usdUsual USD (USD0) $ 0.999307
  • eutblSpiko EU T-Bills Money Market Fund (EUTBL) $ 1.22
  • aerodrome-financeAerodrome Finance (AERO) $ 0.612086
  • ether-fiEther.fi (ETHFI) $ 0.817143
  • arbitrum-bridged-weth-arbitrum-oneArbitrum Bridged WETH (Arbitrum One) (WETH) $ 3,285.57
  • gtethGTETH (GTETH) $ 3,286.28
  • celestiaCelestia (TIA) $ 0.600231
  • first-digital-usdFirst Digital USD (FDUSD) $ 0.998872
  • ghoGHO (GHO) $ 0.999936
  • true-usdTrueUSD (TUSD) $ 0.998287
  • iotaIOTA (IOTA) $ 0.115707
  • msolMarinade Staked SOL (MSOL) $ 191.51
  • ether-fi-liquid-ethEther.Fi Liquid ETH (LIQUIDETH) $ 3,528.22
  • stader-ethxStader ETHx (ETHX) $ 3,539.82
  • starknetStarknet (STRK) $ 0.094413
  • dogwifcoindogwifhat (WIF) $ 0.480010
  • fasttokenFasttoken (FTN) $ 1.09
  • wrapped-apecoinWrapped ApeCoin (WAPE) $ 0.233099
  • the-graphThe Graph (GRT) $ 0.043466
  • riverRiver (RIVER) $ 23.18
  • syrupMaple Finance (SYRUP) $ 0.400303
  • jasmycoinJasmyCoin (JASMY) $ 0.009281
  • fartcoinFartcoin (FARTCOIN) $ 0.451144
  • chilizChiliz (CHZ) $ 0.044038
  • bittorrentBitTorrent (BTT) $ 0.00000045
  • doublezeroDoubleZero (2Z) $ 0.127439
  • ethereum-name-serviceEthereum Name Service (ENS) $ 11.46
  • staked-aaveStaked Aave (STKAAVE) $ 175.04
  • newton-projectAB (AB) $ 0.004508
  • conflux-tokenConflux (CFX) $ 0.083062
  • coinbase-wrapped-staked-ethCoinbase Wrapped Staked ETH (CBETH) $ 3,679.79
  • sbtc-2sBTC (SBTC) $ 92,792.00
  • pyth-networkPyth Network (PYTH) $ 0.073059
  • bitcoin-svBitcoin SV (BSV) $ 20.87
  • kaiaKaia (KAIA) $ 0.070827
  • justJUST (JST) $ 0.041592
  • plasmaPlasma (XPL) $ 0.199490
  • chain-2Onyxcoin (XCN) $ 0.011244
  • usdbUSDB (USDB) $ 0.997262
  • pendlePendle (PENDLE) $ 2.35
  • trust-wallet-tokenTrust Wallet (TWT) $ 0.945125
  • binance-peg-dogecoinBinance-Peg Dogecoin (DOGE) $ 0.152556
  • telcoinTelcoin (TEL) $ 0.004116
  • steakhouse-usdc-morpho-vaultSteakhouse USDC Morpho Vault (STEAKUSDC) $ 1.11
  • sun-tokenSun Token (SUN) $ 0.020263
  • gnosisGnosis (GNO) $ 144.09
  • sonic-3Sonic (S) $ 0.100224
  • wrapped-stx-velarWrapped STX (Velar) (WSTX) $ 0.371244
  • apenftAINFT (NFT) $ 0.00000037
  • galaGALA (GALA) $ 0.007766
  • bitcoin-avalanche-bridged-btc-bAvalanche Bridged BTC (Avalanche) (BTC.B) $ 93,656.00
  • euro-coinEURC (EURC) $ 1.17
Bitcoin

Researchers expose phishing campaign targeting Cardano users

By admin
0 6

Researchers expose phishing campaign targeting Cardano users

Cardano users are currently being targeted in a new wallet phishing campaign. According to reports, the sophisticated phishing campaign is currently circulating within the community, posing significant risks to users intending to download the newly announced Eternl Desktop application.

The hackers craft professional emails claiming to promote a legitimate wallet solution designed for secure Cardano staking and governance participation. The announcement uses terms related to users earning rewards, including NIGHT and ATMA token rewards through the current crypto giveaway program, to establish credibility and drive user engagement.

Hackers are targeting Cardano wallet users

According to reports, the hackers were able to create a replica of the official Eternl Desktop announcement, complementing it with a message about hardware wallet compatibility, local key management, and advanced delegation control.

The email shows a polished, professional tone with proper grammar and no visible spelling errors, making it very effective at deceiving Cardano community members. Meanwhile, it distributes malware to any system it enters.

Reports mentioned that the campaign uses a newly registered domain, download(dot)eternldesktop(dot)network, to distribute a malicious installer package without the need for an official verification or digital signature validation.

In the detailed technical analysis carried out by Anurag, an independent threat hunter and malware analyst, the legitimate Eternl.msi file contains a hidden LogMeIn Resolve remote management tool bundled within its installation package.

The discovery exposed a supply chain abuse attempt aimed at establishing persistent unauthorized access on victim systems. The malicious MSI installer, with a size of 23.3 megabytes and with hash 8fa4844e40669c1cb417d7cf923bf3e0, drops an executable called unattended updater.exe, which uses the original filename GoToResolveUnattendedUpdater.exe.

During runtime analysis, the executable creates an identified folder structure under the system’s Program Files.

Once it creates the Program Files, it creates a directory and writes multiple configurations, including unattended.json, logger.json, mandatory.json, and pc.json. The unattended.json configuration file enables remote access functionality without needing the user to interact.

The dropped executable attempts to establish connections to infrastructure associated with legitimate GoTo Resolve Services, including devices-iot.console.gotoresolve.com and dumpster.console.gotoresolve.com.

Malware provides hackers with remote access

According to network analysis, the malware sends information to the hackers in JSON format. It also uses remote servers to establish a communication channel for command execution and system monitoring.

Security researchers say this behavior is important because remote management tools allow hackers to carry out remote command execution and steal credentials once the malware is installed on a victim’s system.

The Cardano phishing campaign also shows how hackers use crypto and the branding of legitimate platforms to distribute tools that have been infected with malware. This means that users need to verify the authenticity of the software they use through official channels. In addition, they must also avoid downloading wallet applications from unverified sources or newly registered domains, irrespective of how good their distribution emails appear.

This Cardano phishing campaign is similar to the one that targeted customers using Meta for advertisements last year. Users are lured with emails that claim their ads have been temporarily suspended due to violations of advertising policies and EU regulations.

The scammers even go as far as making it appear legitimate by adding the official Instagram branding and official-sounding language about policy violations. However, closer inspection showed that the emails were from a different domain.

Researchers mentioned that upon clicking the link, users are redirected to a fake Meta Business page that looks convincing. The website mimics the real support site, opening up with a page that warns the user that their account faces termination if they do not take action immediately.

Users are tricked into inputting their Ad login into the spaces provided, with the customer support guiding them with a provided step-by-step instruction to restore their accounts.

Source

admin 16768 posts 0 comments
You might also like More from author

Leave A Reply

Your email address will not be published.