New wave of attacks targeting the crypto industry
According to Cointelegraph, a hacker group known as ClickFix has intensified its attacks on cryptocurrency startups and companies, disguising themselves as venture capitalists. This technique gained popularity last year, but security experts have been tracking it since 2024. Various industries have been targeted, but the crypto sector is the most frequent victim.
In the latest case, the hackers managed to breach the Chrome browser extension QuickLens. The cybercriminals created a fake venture capitalist account and contacted the QuickLens developers, offering investment and partnership. After gaining access to the extension's code, they embedded malicious scripts that allowed them to redirect traffic and steal users' cryptocurrency.
Experts note that the ClickFix technique is becoming increasingly sophisticated. Hackers carefully study their targets, create plausible backstories, and employ various social engineering tactics to gain trust. Moreover, they continuously upgrade their malicious tools to bypass security measures.
Such attacks pose a serious threat to the crypto industry. Cybercriminals damage the reputation and finances of target companies, as well as steal users' funds. Experts advise software developers and crypto projects to thoroughly vet potential investors and partners, and users to be vigilant when using extensions and other tools.