Blockchain Security Firm SlowMist Notifies Decentralised Social Network Friend.tech of Phishing Attacks
Phishing attacks are targeting friend.tech users by distributing a malicious link that carries a JavaScript script intended to steal their account credentials and funds. The attack is carried out by impersonating interviewers and monitoring the target's Twitter network. SlowMist is warning users about these attacks and offering advice on how to avoid them.

SlowMist, a blockchain security firm, has reportedly issued a warning to users of the decentralised social network friend.tech regarding an increase in fraud attacks. On October 14, Twitter user Masiwei was the first to report the issue; he detected malicious code designed to steal friend.tech accounts. An investigation by the SlowMist Security Team found that the attackers distributed a hyperlink containing a malicious JavaScript script.
The malicious script targeted friend.tech users specifically, with particular emphasis on Key Opinion Leaders (KOLs), whose prominence made them more likely to receive interview invitations. By following people in the target's Twitter network, the attacker created the illusion of a shared community on the target's Twitter page. The attacker would then arrange an interview, direct the user to join the interview's Telegram, and provide a synopsis. After the interview, under the pretext of verification, the attacker asked the user to complete a form and click a phishing link. By opening the bookmark that contained the malicious JavaScript script, users unknowingly disclosed their friend.tech account credentials, which comprised the password (2FA) and the tokens linked to the embedded wallet Privy. As a result, the user's friend.tech account and any associated funds were exposed to theft.
SlowMist advises increasing awareness of social engineering attacks, refraining from clicking on unfamiliar links, and learning to identify phishing links by checking that they match official domains and examining domain names for misspellings or excessive punctuation. Additionally, the company recommends that users install anti-phishing plugins. This is not the first time friend.tech users have had digital assets stolen. ZachXBT, an on-chain investigator, disclosed last month that SIM card manipulation targeted users of friend.tech. The friend.tech team implemented the 2FA password feature as a proactive measure to bolster user security and mitigate the risk of SIM-swap attacks.
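The link checks SlowMist recommends (official-domain match, misspellings, excessive punctuation), together with a check for script-bearing bookmarks like the one described above, are sketched below as an added example; it is not code from SlowMist or friend.tech. The `OFFICIAL_DOMAINS` allowlist, the thresholds and the function names are assumptions.

```javascript
// Added example. OFFICIAL_DOMAINS is an assumed allowlist; URLs used to
// exercise it are constructed samples, not indicators from the incident.
const OFFICIAL_DOMAINS = ["friend.tech"];

// Levenshtein distance using a single rolling row.
function editDistance(a, b) {
  const row = Array.from({ length: b.length + 1 }, (_, j) => j);
  for (let i = 1; i <= a.length; i++) {
    let diag = row[0];
    row[0] = i;
    for (let j = 1; j <= b.length; j++) {
      const up = row[j];
      row[j] = Math.min(up + 1, row[j - 1] + 1, diag + (a[i - 1] === b[j - 1] ? 0 : 1));
      diag = up;
    }
  }
  return row[b.length];
}

// Drop dots, hyphens and other punctuation so "friend-tech" matches "friend.tech".
const squash = (s) => s.replace(/[^a-z0-9]/g, "");

function classifyLink(raw) {
  let url;
  try { url = new URL(raw.trim()); } catch { return { verdict: "invalid", reason: "not a URL" }; }
  // A javascript: link saved as a bookmark runs its code inside whatever page is open.
  if (url.protocol === "javascript:") return { verdict: "script", reason: "executes code when clicked" };
  if (url.protocol !== "https:") return { verdict: "suspicious", reason: "not https" };
  const host = url.hostname; // URL lowercases the host and punycodes IDNs
  for (const d of OFFICIAL_DOMAINS) {
    if (host === d || host.endsWith("." + d)) return { verdict: "official", reason: d };
  }
  const tail = host.split(".").slice(-2).join(".");
  for (const d of OFFICIAL_DOMAINS) {
    if (editDistance(tail, d) <= 2) return { verdict: "lookalike", reason: `misspelling of ${d}` };
    if (squash(host).includes(squash(d))) return { verdict: "lookalike", reason: `${d} embedded in another domain` };
  }
  if (host.includes("xn--")) return { verdict: "suspicious", reason: "punycode (non-ASCII) label" };
  const hyphens = (host.match(/-/g) || []).length;
  if (hyphens > 2 || host.split(".").length > 4) return { verdict: "suspicious", reason: "excessive punctuation" };
  return { verdict: "unknown", reason: "not an official domain" };
}
```

Only the `official` verdict means the host matched the allowlist; every other verdict, including `unknown`, means the link has not been verified.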