Hackers are abusing $TRUMP tokens to lure victims in to new phishing scam

News
By published

Hackers are impersonating Binance to steal people's passwords

Trump
(Image credit: Getty Images)
  • Cofense is warning about an ongoing phishing campaign
  • Threat actors are impersonating Binance and promising their victims $TRUMP coins
  • The victims are enticed to download ConnectWise RAT

Cybercriminals are taking advantage of the "TRUMP coin craze to steal people’s information and possibly other cryptocurrencies, Cofense has warned.

Earlier this year, US President Donald Trump launched a “memecoin” (a cryptocurrency coin made for fun) called $TRUMP. Following its launch, the price of the token soared by over 300% overnight.

Within two days, it became the 19th most valuable cryptocurrency globally, with a total trading value nearing $13 billion based on a $64 value per token for the 200 million tokens issued by the afternoon of January 19.

ConnectWise RAT

These kinds of events are golden opportunities for cybercriminals. As reported by Cofense, the threat actors made a fake Binance website which - while not perfect - does a good job at pretending to be the popular cryptocurrency exchange. The attackers then sent out phishing emails, telling their victims that they could redeem recently created $TRUMP coins, but only if they move fast and download “Binance Desktop”.

Instead of actually getting the exchange’s desktop client, the victims would install the ConnectWise RAT - a once-legitimate Remote Desktop Manager (RDM) exploited by cybercriminals to act as malware. As soon as the fake software is installed, the attackers would move in and try to take over the device.

This is somewhat unusual, Cofense said, since in most ConnectWise RAT cases the threat actor would interact with the victim after some time had passed. In any case, the RAT is then used to exfiltrate passwords saved in Microsoft Edge and other programs and applications supported by the Trojan.

Phishing campaigns often leverage current events, since they help create a sense of urgency. Fast-selling tickets to events such as the Olympics, or the World Cup, Black Friday deals, or cryptocurrency tokens quickly rising in prices, can trigger FOMO with the consumers, making them ideal foundations for a scam campaign.

You might also like

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.