Security researchers have uncovered a large-scale malicious operation that uses trojanized mobile cryptocurrency wallet applications for Coinbase, MetaMask, TokenPocket, and imToken services.
The malicious activity was identified earlier this year, in March. Researchers at Confiant named this activity cluster SeaFlower and describe it as "the most technically sophisticated threat targeting web3 users, right after the infamous Lazarus Group."
In a recent report, Confiant notes that the malicious cryptocurrency apps are identical to the real ones, but they come with a backdoor that can steal the users' security phrase for accessing the digital assets.
The threat actors behind the SeaFlower activity appear to be Chinese, based on hints such as the language of the comments in the source code, the infrastructure location, and the frameworks and services used.
App distribution
The first step in the SeaFlower operation is to spread the trojanized apps to as many users as possible. The threat actor...
Read Full Story:
https://www.bleepingcomputer.com/news/security/hackers-clone-coinbase-metamas...