Lookout Exposes Crypto Phishing Kit Targeting Exchanges

Lookout uncovers a new advanced phishing kit targeting crypto exchanges.

Man pointing at a giant hacker with robotic spider fingers sitting on a beach.
Created by Gabor Kovacs from DailyCoin
  • There is a new crypto phishing kit on the internet.
  • The phishing kit mimics tactics employed by a famous cybercriminal group.
  • It has so far impacted hundreds of victims.

Data-centric cloud security company Lookout announced on Thursday the discovery of an โ€œadvanced phishing kitโ€ exhibiting tactics that target cryptocurrency exchanges.

Dubbed CryptoChameleon, the phishing kit can also be used against the Federal Communications Commission (FCC) via mobile devices. The intended targets include mostly crypto traders, single sign-on (SSO) services in the U.S., Binance staff, and Coinbase employees.

The Mechanics of CryptoChameleon Phishing Kit

According to a February 29 press release by Lookout, the CryptoChameleon phishing kit mimics techniques employed before by the Scattered Spider cybercriminal group, which includes taking a unique approach to collect login credentials.

Sponsored

By leveraging the phishing kit, cybercriminals can approach victims via text messages and voice calls to build trust while luring them into the attack. If successful, the attack can result in the theft of sensitive data, including usernames, passwords, password reset URLs, and photo IDs.

โ€œUnlike typical phishing kits, which attempt to harvest credentials as quickly as possible, CryptoChameleon is aware of modern security controls organizations have put in place such as multi-factor authentication and allows bad actors to respond accordingly,โ€ the statement read.

According to anecdotal accounts of the people who have fallen victim to the phishing kit, CryptoChameleon can replicate a real companyโ€™s support team by leveraging phone numbers and websites that โ€œappear to be legitimate.โ€

Following this discovery, the Vice President of Endpoint and Threat Intelligence at Lookout, David Richardson, urged crypto exchanges to be on the lookout.

โ€œWeโ€™re seeing a trend of financially motivated threat actors โ€“ who typically target cryptocurrency and direct financial fraud โ€“ move into breaching enterprise and government organizations for ransom. We urge cryptocurrency and single-sign-on users and organizations to take steps to protect their devices, work, and personal data.โ€ Richardson stated.

Per the statement, Lookout researchers have identified over 250 phishing sites using CryptoChameleon, with โ€œmore being found every day.โ€ As for the number of victims the phishing kit has already impacted, Lookout said it runs into โ€œhundreds.โ€

Stay updated on why BitForex is stirring exit scam fears:

Hereโ€™s Why BitForex Is Stirring Exit Scam Fears Among Users

Stay updated on the recent exploit on Seneca Protocol:

Seneca Hacker Returns $5.3M to Protocol After Negotiations

This article is for information purposes only and should not be considered trading or investment advice. Nothing herein shall be construed as financial, legal, or tax advice. Trading forex, cryptocurrencies, and CFDs pose a considerable risk of loss.

Author
Brian Danga

Brian Danga is a crypto reporter at DailyCoin covering breaking news. Brian has minor holdings in Bitcoin and Ethereum.

Read more