As the cryptocurrency industry continues to recover from the major Bybit hack, reports have surfaced that hackers are now targeting the leading exchange Binance with SMS phishing attacks.
Beware of Binance SMS Phishing Attack Attempts
SlowMist’s Chief Information Security Officer, Shān. Zhang (@im23pds), recently warned about a new phishing scam targeting Binance users.
⚠️ 注意:最新针对币安用户的短信钓鱼攻击!
1/昨天,Joe 提到针对币安用户的短信钓鱼攻击,表面上看,它只是普通的短信诈骗,但我分析实际上,这次攻击的手法远不止如此…
👉 继续往下看,你会发现其中的不同之处! 👇@evilcos @wublockchain12 @heyibinance 👀 pic.twitter.com/ar2gbUrKVM— 23pds (山哥) (@im23pds) February 26, 2025
The scam SMS messages appear within the official conversation thread of Binance’s legitimate SMS communications, making them seem like part of the same thread. Zhang suggested that the SMS channel could have been hijacked by phishers to carry out their attacks.
One Binance user, Joe Zhou, shared his alarming experience with the scam. Zhou received an SMS claiming his Binance account was being accessed from North Korea. Panicking after the Bybit hack, he called the number provided in the message.
Later, a person with a strong British accent then instructed him to set up a SafePal wallet, allegedly a Binance partner, and transfer his funds for investigation. Zhou began moving his assets, but his suspicions grew as the situation didn’t seem right. After reaching out to a friend at Binance, he realized he had been scammed. Fortunately, Zhou was able to limit his loss to $2,000, and he urged others to remain cautious against such attacks.
This attack follows a growing trend of hacker activity in the crypto space. Bybit was recently targeted, and now, stablecoin provider Infini has also fallen victim. In addition, cybersecurity firm Kaspersky has reported a new malware campaign, “GitVenom,” where hackers create fake repositories on GitHub hosting malicious software like remote access trojans (RATs), info-stealers, and clipboard hijackers.
Also Read: Du Jun on Infini Attack: $50 Million Loss is an “Entry-Level Trial-and-Error Cost”
