{"id":27113,"date":"2024-03-04T11:42:54","date_gmt":"2024-03-04T11:42:54","guid":{"rendered":"https:\/\/crowdfundjunction.com\/blog\/new-phishing-campaign-cryptochameleon-targets-fcc-and-crypto-companies\/"},"modified":"2024-03-04T11:42:54","modified_gmt":"2024-03-04T11:42:54","slug":"new-phishing-campaign-cryptochameleon-targets-fcc-and-crypto-companies","status":"publish","type":"post","link":"https:\/\/crowdfundjunction.com\/blog\/new-phishing-campaign-cryptochameleon-targets-fcc-and-crypto-companies\/","title":{"rendered":"New Phishing Campaign &#8220;CryptoChameleon&#8221; Targets FCC and Crypto Companies"},"content":{"rendered":"<p><b>(Originally posted on : Crypto News &#8211; iGaming.org )<\/b><br \/>\n<\/p>\n<div>\n<p>A sophisticated phishing campaign, dubbed CryptoChameleon, has surfaced, taking aim at employees of the Federal Communications Commission (FCC) and personnel from prominent crypto entities such as Coinbase, Binance, Gemini, Kraken, ShakePay, and Trezor.<\/p>\n<p>Security analysts from Lookout report that the attackers behind CryptoChameleon employ a new toolkit to fabricate authentic-looking single sign-on pages for Okta, a cloud service provider for authentication. These meticulously crafted pages serve as bait in a multi-stage social engineering attack, leveraging emails, SMS, and voice phishing techniques to dupe targets into divulging sensitive information, including usernames, passwords, password reset URLs, and even photo IDs. The majority of victims are situated in the United States.<\/p>\n<h2>Innovative Phishing Tactics<\/h2>\n<p>Lookout\u2019s analysis reveals that the phishing kit utilizes a novel tactic by prompting victims to complete a captcha using hCaptcha, thwarting automated analysis tools from detecting the fraudulent site. Moreover, the phishing kit allows real-time interaction with victims, facilitating customization of pages to incorporate phone number digits, thereby enhancing their authenticity.<\/p>\n<p>Lookout\u2019s investigation uncovered over 100 successful phishing attempts linked to CryptoChameleon, with ongoing phishing activities predominantly hosted on servers provided by Hostwinds, Hostinger, and the Russia-based RetnNet.<\/p>\n<p>This latest phishing campaign underscores the evolving sophistication of cyber threats targeting both governmental bodies and cryptocurrency companies, emphasizing the critical importance of robust cybersecurity measures and heightened vigilance in safeguarding sensitive information.<\/p>\n<div class=\"main-org-3-item-ins box-100 relative mb-4\">\n<div class=\"space-org-3-items box-100 relative\">\n<div class=\"box-100 space-org-3-item relative border-tb mt-1 \">\n<div class=\"space-org-3-item-ins box-100 relative\">\n<div class=\"space-org-3-item-terms box-25 relative\">\n<div class=\"space-org-3-item-terms-ins box-100 text-center relative\"> <strong><strong>Get 125% \/ $2,500 on 1st deposit!<\/strong><\/strong> <\/p>\n<p>New players only. Exclusive Welcome Bonus of up to $2,500<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div><\/div>\n<p><a href=\"https:\/\/igaming.org\/crypto\/new-phishing-campaign-cryptochameleon-targets-fcc-and-crypto-companies\/\">Source link <\/a><br \/>\n<br \/><\/p>\n","protected":false},"excerpt":{"rendered":"<p>(Originally posted on : Crypto News &#8211; iGaming.org ) A sophisticated phishing campaign, dubbed CryptoChameleon, has surfaced, taking aim at employees of the Federal Communications Commission (FCC) and personnel from prominent crypto entities such as Coinbase, Binance, Gemini, Kraken, ShakePay, and Trezor. Security analysts from Lookout report that the attackers behind CryptoChameleon employ a new [&hellip;]<\/p>\n","protected":false},"author":34,"featured_media":27114,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0},"categories":[34],"tags":[],"_links":{"self":[{"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/posts\/27113"}],"collection":[{"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/users\/34"}],"replies":[{"embeddable":true,"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/comments?post=27113"}],"version-history":[{"count":0,"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/posts\/27113\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/media\/27114"}],"wp:attachment":[{"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/media?parent=27113"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/categories?post=27113"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/tags?post=27113"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}