TZUTC: -0500   
   MSGID: 445.consprcy@1:2320/105 2c383800   
   PID: Synchronet 3.20a-Linux master/acc19483f Apr 26 202 GCC 12.2.0   
   TID: SBBSecho 3.20-Linux master/acc19483f Apr 26 2024 23:04 GCC 12.2.0   
   BBSID: CAPCITY2   
   CHRS: ASCII 1   
   Hackers are abusing $TRUMP tokens to lure victims in to new phishing scam   
      
   Date:   
   Wed, 12 Mar 2025 15:00:00 +0000   
      
   Description:   
   A new campaign promises $TRUMP tokens to those that download Binance, fast.   
      
   FULL STORY   
   ======================================================================   
    - Cofense is warning about an ongoing phishing campaign   
    - Threat actors are impersonating Binance and promising their victims $TRUMP   
   coins   
    - The victims are enticed to download ConnectWise RAT   
      
   Cybercriminals are taking advantage of the "TRUMP" coin craze to steal peoples   
   information and possibly other cryptocurrencies, Cofense has warned.    
      
   Earlier this year, US President Donald Trump launched a memecoin (a   
   cryptocurrency coin made for fun) called $TRUMP. Following its launch, the   
   price of the token soared by over 300% overnight.    
      
   Within two days, it became the 19th most valuable cryptocurrency globally,   
   with a total trading value nearing $13 billion based on a $64 value per token   
   for the 200 million tokens issued by the afternoon of January 19.   
      
   ConnectWise RAT   
      
   These kinds of events are golden opportunities for cybercriminals. As    
   reported by Cofense, the threat actors made a fake Binance website which -   
   while not perfect - does a good job at pretending to be the popular   
   cryptocurrency exchange. The attackers then sent out phishing emails, telling   
   their victims that they could redeem recently created $TRUMP coins, but only   
   if they move fast and download Binance Desktop.    
      
   Instead of actually getting the exchanges desktop client, the victims would   
   install the ConnectWise RAT - a once-legitimate Remote Desktop Manager (RDM)   
   exploited by cybercriminals to act as malware . As soon as the fake software   
   is installed, the attackers would move in and try to take over the device.    
      
   This is somewhat unusual, Cofense said, since in most ConnectWise RAT cases   
   the threat actor would interact with the victim after some time had passed.    
   In any case, the RAT is then used to exfiltrate passwords saved in Microsoft   
   Edge and other programs and applications supported by the Trojan.    
      
   Phishing campaigns often leverage current events, since they help create a   
   sense of urgency. Fast-selling tickets to events such as the Olympics , or    
   the World Cup , Black Friday deals, or cryptocurrency tokens quickly rising    
   in prices, can trigger FOMO with the consumers, making them ideal foundations   
   for a scam campaign.   
      
   ======================================================================   
   Link to news story:   
   https://www.techradar.com/pro/security/hackers-are-abusing-usdtrump-tokens-to-   
   lure-victims-in-to-new-phishing-scam   
      
   $$   
   --- SBBSecho 3.20-Linux   
    * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)   
   SEEN-BY: 105/81 106/201 128/187 129/305 153/7715 154/110 218/700 226/30   
   SEEN-BY: 227/114 229/110 111 114 206 300 307 317 400 426 428 470 664   
   SEEN-BY: 229/700 705 266/512 291/111 320/219 322/757 342/200 396/45   
   SEEN-BY: 460/58 712/848 902/26 2320/0 105 3634/12 5075/35   
   PATH: 2320/105 229/426