Crypto Catastrophe: PoisonSeed Scam Drains Wallets with Fake Seed Phrases
PoisonSeed is on a crypto-crime spree, using compromised CRM credentials to send spam, tricking victims into using fake recovery seed phrases and draining their wallets. With phishing pages mimicking top email providers, the campaign aims to pilfer credentials and funds, targeting anyone from enterprises to crypto rookies.

Hot Take:
Hold on to your digital wallets, folks! The PoisonSeed campaign is spreading like an endless chain email, trying to harvest enough crypto-seeds to start its own digital garden of evil. If you’re getting emails offering free cryptocurrency seeds, they’re not trying to help you grow your portfolio—they’re trying to prune it down to zero. Consider this a PSA: If you find a seed phrase in your inbox, it’s not for planting, it’s for pilfering!

Key Points:
- PoisonSeed is a malicious campaign targeting CRM tools and bulk email providers to send spam with crypto seed phrases.
- Victims are tricked into using fake seed phrases to set up wallets, allowing attackers to drain funds.
- The campaign is distinct from known threat actors Scattered Spider and CryptoChameleon, though similarities exist.
- Attackers create lookalike phishing pages for CRM and email companies to obtain credentials.
- A Russian-speaking threat actor is using Cloudflare-hosted phishing pages to spread malware for remote control of Windows hosts.
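
A mail-filter heuristic for the lure described in the key points above (an email that hands the recipient a ready-made seed phrase), added here as an example and not taken from the original report. It assumes BIP-39-style phrases (12 to 24 lowercase words of 3 to 8 letters); the function names, cue keywords and sample messages are constructed for illustration.

```python
import re

# Assumption: the lure carries a BIP-39-style phrase (12-24 lowercase words of
# 3-8 letters). No wordlist or checksum is checked, so this is a heuristic.
CUE = re.compile(r"\b(?:seed|recovery|mnemonic)\s+phrase\b", re.IGNORECASE)
WORD = re.compile(r"[a-z]{3,8}")
NUMBERING = re.compile(r"\d{1,2}[.)]?")  # "1." / "2)" list markers


def longest_word_run(body: str) -> int:
    """Length of the longest run of consecutive mnemonic-shaped tokens."""
    best = run = 0
    for token in body.split():
        if NUMBERING.fullmatch(token):
            continue  # numbering does not break a run
        run = run + 1 if WORD.fullmatch(token) else 0
        best = max(best, run)
    return best


def classify(body: str) -> str:
    """Return 'quarantine', 'review' or 'pass' for one message body."""
    run = longest_word_run(body)
    if run < 12:
        return "pass"  # talking about seed phrases is fine; supplying one is not
    return "quarantine" if CUE.search(body) else "review"


# Constructed sample messages (the words are placeholders, not a real mnemonic).
LURE = (
    "Your exchange is moving to self-custody wallets. Set up your new wallet "
    "with this recovery phrase:\n"
    "1. river 2. candle 3. orbit 4. maple 5. tunnel 6. silver "
    "7. garden 8. pencil 9. window 10. anchor 11. harbor 12. velvet\n"
    "Enter the words in the wallet app to finish."
)
REMINDER = (
    "Security reminder: never share your seed phrase with anyone, and never "
    "type it into a site reached from an email link."
)

if __name__ == "__main__":
    for name, body in (("lure", LURE), ("reminder", REMINDER)):
        print(name, longest_word_run(body), classify(body))
```

Checking candidate runs against the BIP-39 wordlist would cut false positives from ordinary lowercase text.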