A phishing scheme operating under the name FrenTechPro has emerged, carrying out attacks and thefts in the market. This scam poses as the social platform Friend.Tech, which allows for tokenization and valuation of profiles. In just a few days, the scheme managed to carry out seven attacks on different blockchains.
According to PeckShield, the perpetrators of the scheme were able to steal approximately $214,000 worth of cryptocurrencies, or about R$ 1 million in current values. Once again, the hackers exploited a vulnerability found in bridges between blockchains, which serve as connectors between different networks.
These bridges allow users to transfer tokens between different blockchains without much difficulty. However, the bridges have become a major vector for attacks in recent months, causing significant losses.
How the scam worked
According to PeckShield, the hackers connected to FrenTechPro specifically targeted multiple blockchain platforms. The attacks occurred on the Ethereum, BNB, and Avalanche networks. Additionally, the hackers also infiltrated second-layer platforms Arbitrum, Optimism, and Polygon.
PeckShield quickly alerted users on X (formerly Twitter) about FrenTechPro’s phishing activities and advised not to trust the account ‘friendtech’. This account was a profile on X that the hackers used to deceive victims.
The fraudulent account promised a bridge service between blockchains, conducting token transfers. In return, the service requested users to activate it with a simple click. However, by doing so, the victims allowed the hackers to access their wallets and steal their cryptocurrencies.
This warning came shortly after a alert from Yu Xian, the founder of SlowMist. Xian specifically identified FrenTechPro as a phishing scheme, pointing out that their tactic involved asking users to click on the “ACTIVATE NOW” button. Once clicked, the system persistently attempted to gain access to the assets linked to the user’s wallet.
Increase in phishing threats
Hackers exploiting the trust of innocent users is a recurring problem, and phishing scams like FrenTechPro have become a growing concern in the market. These scammers create fake websites posing as legitimate platforms or services and manipulate users.
By granting access to these scammers, users allow them to make token transfers to other addresses. In other words, they make the act of theft easier.
AegisWeb3, a cybersecurity company, also warned against FrenTechPro, highlighting how the scam deceives users into signing transactions. In this regard, incidents like the $15 million theft from Fortress Trust due to a cloud provider breach underscore concerns about phishing threats.
In many cases, phishing attacks can cause million-dollar losses. For example, a user lost around $24 million worth of cryptocurrencies (R$ 125 million) through such an attack. The user connected their wallet to a fake website, enabling the hackers to take action.
Overall, it is crucial for users to remain vigilant and cautious when interacting online, especially when it comes to digital assets and transactions.