Phishing Scheme Involving Fake Journalists Exposed in Friend.tech Attack

Friend. Tech recently faced a sophisticated phishing attack, as disclosed by SlowMist. The attackers used deceptive tactics, employing fake interviews and malicious scripts to target users effectively.

In this scheme, unknown perpetrators sent users a link containing a malicious JavaScript script. Users were deceived into adding it as a bookmark, setting the stage for potential malicious activities in the future.

The investigation revealed that the attackers posed as journalists from a reputable news agency, with one imposter amassing over ten thousand followers on Twitter. To gain victims’ trust, the attacker specifically targeted key opinion leaders—individuals popular enough to find it reasonable to receive interview invitations.

Sophisticated Social Engineering Tactics Employed in Friend.tech Phishing Attack

To further diminish suspicion, the attacker followed the same people on Twitter as the victims, creating the illusion of being part of the same community. After scheduling the interview, the attacker proposed joining the interview on Telegram and provided an interview plan. Following the discussion, the attacker requested the victims to fill out a form and open a phishing link.

While the SlowMist team did not specify the amount of cryptocurrency stolen through this fraudulent method or the number of affected users, they urged vigilance and caution against suspicious content.

In an advisory, the SlowMist team emphasized preventive measures, stating,

This revelation comes in the wake of a rising trend in sophisticated phishing attacks, underscoring the need for heightened cybersecurity awareness and caution among users.