Beware: Scammers Exploit Bookmark Trick to Steal from Friendtech Users!
The scheme operates as follows: once a user unwittingly adds the malicious bookmark to their browser, the JavaScript code springs into action upon accessing the ft site. It then launches a sinister attempt to pilfer sensitive data, including passwords, with a specific focus on ft’s two-factor authentication (2FA) credentials, as illustrated in Figure 1. Additionally, these malevolent scripts seek to compromise the tokens linked to Privy, an embedded wallet used by ft, as depicted in Figure 2. This puts the user’s ft account and any associated funds in grave jeopardy, as the scammers endeavor to gain unauthorized access and control.
Malicious JavaScript Tactics Targeting Friend. tech
![](data:image/svg+xml;utf-8,<svg xmlns="http://www.w3.org/2000/svg" width="1024" height="201" />)
What makes this threat even more alarming is that the method employed is far from novel. The usage of such malicious bookmarks has been increasingly prevalent in schemes aimed at compromising Discord accounts. It serves as a stark reminder that similar tactics can easily be deployed in various online platforms and websites, putting a wide range of accounts and assets at risk of theft and misuse.
Ensuring robust online security practices and promptly removing any dubious bookmarks are vital steps in safeguarding your ft account and the assets associated with it. Stay informed and cautious, as cyber threats continue to evolve and adapt in their quest to exploit vulnerabilities and capitalize on unsuspecting victims.
2 comments