A report summarizing 'How is clever social engineering done?' from the victim's perspective has been released

Social engineering is a method of stealing sensitive data, property, access rights and the like by exploiting human psychology and human error. A person who says his Aave cryptocurrency tokens were nearly stolen through clever social engineering has summarized, from the victim's point of view, the techniques that were used against him.

The target this time was Thomas (@thomasg_eth), who runs Arrow, an open source project developing a vertical take-off and landing (VTOL) aircraft, and who came close to losing the cryptocurrency tokens he held. 'We're still in the early stages, we're accepting help from a lot of people, and we're not refusing help,' Thomas explains.

One day, a user named 'heckshine' joined Arrow's Discord channel. Introducing himself, heckshine said he worked for the game developer Ubisoft on 3D design and animation. Heckshine also said he was passionate about VTOL, that his brother-in-law was a Boeing vice president, and that he had friends working on a Metaverse project.

Although heckshine's English was odd in places, Thomas said he didn't think much of it, putting it down to a language barrier. Over the next few days, heckshine set about creating animations for Arrow's website, submitted good work, and even began rendering the aircraft. By this point Thomas and the other Arrow members were impressed by heckshine's dedication.

Meanwhile, heckshine introduced his friend 'Linh' to Thomas and asked whether Thomas could email him, since Linh was interested in Arrow. Told that Linh's participation would benefit Arrow, Thomas sent an email; Linh replied thoughtfully and talked about his own Metaverse project, called 'Space Falcon'. At that point Thomas wasn't particularly interested in NFTs, so he didn't give Linh's Metaverse project much thought.

In subsequent interactions, Linh shared his connections with Boeing and the electric aircraft startup Wisk, offered some thoughts on Arrow, and eventually joined Arrow as an advisor. Linh's English also seemed strange, but Thomas again attributed this to the language barrier.

Later, Linh described a 'staking' mechanism in Space Falcon that lets users earn a continuous income based on the NFTs they own. When Thomas looked into it, he found that a game project called Space Falcon does indeed exist and is quite popular on the Solana blockchain. Linh's name also appeared on its team page.

Heckshine continued to work diligently on Arrow's project and delivered some extremely high-quality renders. Then one day, two weeks after heckshine had joined, while Thomas and heckshine were discussing aircraft design on Discord, Linh arrived with amazing news: he had secured a meeting between the Wisk team and Thomas, and pasted a screenshot of the email thread he had exchanged with Wisk's vice president. Unrealistic as it seems in hindsight, Thomas was delighted and had no reason to believe it was a lie.

At this point, Linh said the Space Falcon staking app had been released and asked Thomas for an Ethereum wallet that an NFT could be sent to so that Thomas could test the app. Grateful for Linh's help with Arrow, Thomas naturally agreed to help with testing. He decided, however, to hold the NFT in a new Ethereum account, since Space Falcon was a new project; this was a precaution against future problems or misuse related to Space Falcon. The website Linh showed Thomas stated that staking would use a token called 'Armstrong ETH.'

Thomas reported that the staking process completed successfully and was easy to use. Linh then offered to send another NFT and asked, 'I want you to keep it in your main account to support the growth of Space Falcon.' Thomas reluctantly agreed but told Linh, 'Before staking with the main account, I'll read through the contract thoroughly,' at which Linh's attitude inexplicably became pushy. That was when Thomas noticed something was wrong.

When Thomas first checked the transaction history of the address to which Linh had sent the NFT, it turned out that the Ethereum token approved during staking was not the 'Armstrong ETH' named on the website but a different token, Aave. Thomas held a large amount of Aave in his main account. At this point Linh and his associates began deleting all of their Discord messages. Closer scrutiny of the contract revealed that it included 'a function that allows any amount of Ethereum tokens to be transferred from your account.' In other words, had Thomas kept the first NFT in his main account rather than in a new one, Linh and his associates would have been able to transfer the Aave out of Thomas's main account and withdraw it freely.
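
The check Thomas ended up doing by hand, decoding what an ERC-20 approve() transaction actually grants before signing it, as an added Python example that is not from the report or from Thomas; the token, spender and staking-contract addresses are constructed placeholders, not real contracts.

```python
# Added example (not from the article): decode an ERC-20 approve() call before
# signing it, so the token contract and allowance can be compared with what the
# dApp claims. Addresses below are constructed placeholders, not real contracts.

APPROVE_SELECTOR = "095ea7b3"   # first 4 bytes of keccak256("approve(address,uint256)")
UINT256_MAX = 2**256 - 1        # the "unlimited allowance" value many dApps request

def decode_approve(calldata: str):
    """Return (spender, amount) from approve(address,uint256) calldata, or None."""
    data = calldata.lower().removeprefix("0x")
    if len(data) != 8 + 64 + 64 or data[:8] != APPROVE_SELECTOR:
        return None
    spender = "0x" + data[8:72][-40:]   # address is right-aligned in a 32-byte word
    amount = int(data[72:136], 16)
    return spender, amount

def check_approval(tx: dict, expected_token: str, expected_spender: str):
    """Compare an unsigned tx with the token/spender the dApp says it will use.
    Returns a list of findings; an empty list means the tx matches expectations."""
    decoded = decode_approve(tx["data"])
    if decoded is None:
        return ["calldata is not an ERC-20 approve() call"]
    spender, amount = decoded
    findings = []
    # approve() runs on the token contract the tx is sent to, so a mismatch here
    # means a different token is being exposed than the one advertised.
    if tx["to"].lower() != expected_token.lower():
        findings.append(f"approval targets token {tx['to']}, expected {expected_token}")
    if spender.lower() != expected_spender.lower():
        findings.append(f"spender {spender} is not the staking contract {expected_spender}")
    if amount == UINT256_MAX:
        findings.append("unlimited allowance: spender may drain the whole balance")
    return findings

# Constructed sample: the dApp claims to stake "Armstrong ETH" through staking
# contract 0x22..22, but the transaction approves a different token (0x11..11)
# for an unlimited amount, the pattern described in the report.
ARMSTRONG_ETH = "0x" + "aa" * 20
OTHER_TOKEN = "0x" + "11" * 20
STAKING_APP = "0x" + "22" * 20
SAMPLE_TX = {
    "to": OTHER_TOKEN,
    "data": "0x" + APPROVE_SELECTOR + STAKING_APP[2:].rjust(64, "0") + "f" * 64,
}

if __name__ == "__main__":
    for finding in check_approval(SAMPLE_TX, ARMSTRONG_ETH, STAKING_APP):
        print("WARNING:", finding)
```
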

Subsequent investigation revealed that the account of Linh and his associates held as much as 100 ETH (about 33 million yen), showing them to be a very well-funded group. Thomas now believes Linh and his associates hired a 3D design contractor to produce heckshine's work. And although a project called Space Falcon does exist, 'Linh' was an impostor using the name of a real Linh who is associated with the project.

From this case, Thomas says, 'Token approvals are very dangerous and require the utmost attention,' and 'Scammers are becoming very smart and use more sophisticated and thorough techniques than ever before.' The lesson he draws is to 'always check, no matter how reliable someone seems.' Linh and his associates spent two weeks involved in the project earning Thomas's trust, and the only reason the damage was avoided was that Thomas was wary of the security of the new app.

'I'm very fortunate to have come through all of this with minimal damage. Everyone, be careful!' the report concludes.

Posted in Software, Web Service, Security by log1h_ik