Hacker News new | ask | show | jobs
by proactivesvcs 62 days ago
"In terms of implementation, the most interesting one is “Іron Wаllеt” (the I, a, and e are Cyrillic). Three seconds after install, it fetches the phishing page’s URL from the first record of a NocoDB spreadsheet and opens it [...] The API key had write access, so I wiped the spreadsheet."
2 comments
methodist 62 days ago
The extension is actually still up: hxxps://addons[.]mozilla[.]org/en-US/firefox/addon/%D1%96ron-w%D0%B0ll%D0%B5t/
link
thephyber 62 days ago
Did you just admit to a CFAA violation?
link
weird-eye-issue 62 days ago
What do you mean by "you"? Do you know what quotes are?
link
sunaookami 62 days ago
Won't someone think of the poor phishers!
link