
Question from my curious mind. How are the Metamask instances of a specific device getting replaced by a modified/malware-d version? How does that even work?


Basically they first need to get a remote shell and are then able to replace the extension source with the modified one.

This article does a good job explaining it more in depth.[0]

0: https://securelist.com/the-bluenoroff-cryptocurrency-hunt-is...
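A defender-side check for the on-disk replacement described in the reply above, as an added example that is not part of the thread or of the linked article: hash every file in an extension's directory at a known-good time and compare later. The function names and the temporary directory with its file contents are constructed for illustration; a legitimate extension update also changes files, so the baseline has to be retaken after a verified update.

```python
import hashlib
import os
import tempfile


def snapshot(ext_dir):
    """Map each file path (relative to ext_dir) to its SHA-256 digest."""
    digests = {}
    for root, _dirs, files in os.walk(ext_dir):
        for name in files:
            path = os.path.join(root, name)
            rel = os.path.relpath(path, ext_dir).replace(os.sep, "/")
            with open(path, "rb") as fh:
                digests[rel] = hashlib.sha256(fh.read()).hexdigest()
    return digests


def diff_snapshots(baseline, current):
    """Report files added, removed or modified since the baseline."""
    common = baseline.keys() & current.keys()
    return {
        "added": sorted(set(current) - set(baseline)),
        "removed": sorted(set(baseline) - set(current)),
        "modified": sorted(p for p in common if baseline[p] != current[p]),
    }


def demo():
    """Constructed stand-in for an extension directory, not a real extension."""
    with tempfile.TemporaryDirectory() as ext_dir:
        files = {"manifest.json": b'{"name": "wallet"}',
                 "background.js": b"// original"}
        for name, data in files.items():
            with open(os.path.join(ext_dir, name), "wb") as fh:
                fh.write(data)
        baseline = snapshot(ext_dir)  # taken while the files are trusted

        # Constructed change: one file rewritten, one file added.
        with open(os.path.join(ext_dir, "background.js"), "wb") as fh:
            fh.write(b"// changed on disk")
        with open(os.path.join(ext_dir, "extra.js"), "wb") as fh:
            fh.write(b"// new file")
        return diff_snapshots(baseline, snapshot(ext_dir))


if __name__ == "__main__":
    print(demo())
```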


Thanks! That is some extensive level of social engineering, reconnaissance and exploiting. Takes a lot of patience and discipline to pull off such a sophisticated heist.



