social engineering attacks
-
ZkSync: The account was hacked due to Twitter not following standard procedures and approving the request of the impersonator to change the password
On April 16th, zkSync released a detailed report on Twitter account theft, stating that \”the impersonator forged their identity and claimed to be the official representative of zkS
-
Generative AI used to increase social engineering attacks by 135%
It is reported that according to the latest research report released by the network security company Darktrace, attackers use generative AI such as ChatGPT to increase the number o
-
PeopleDAO Community Vault Hacked for $120k
On March 12, PeopleDAO tweets showed that when PeopleDAO’s community vault on the digital asset management platform Safe (formerly Gnosis Safe) issued a monthly contributor award on March 6, it was stolen 76 ETHs (about $120000) by hackers through social engineering attacks. This event has nothing to do with the PEOPLE token contract. PeopleDAO collects monthly contributor reward information through Google Form. The accounting principal mistakenly shared a link with editing rights in the public channel of Discord. After the hacker obtained editing rights through the link, he inserted a payment of 76 ETHs to his address in the form and set it as invisible. Due to the malicious concealment, the team leader did not find it during the review. After downloading the csv file with insertef data, it was submitted to Safe’s CSV Airdrop tool for reward distribution. Since there were 80 transfers in the transaction, 6 of the 9 multi-signature accounts did not notice the malicious transfer. After…