SlowMist COSINE: Phishing Group Uses Google Subdomain for New Phishing Attack, Leading Users to Disclose Account Passwords

Blockbeats

昨天

BlockBeats News, April 20th - SlowMist founder Cosmos posted on social media that earlier, the ENS chief developer fell victim to a phishing attack that exploited a vulnerability in Google's infrastructure. The phishing group sent out a phishing email disguised as an official Google communication, tricking users into believing they were under investigation. While Google has taken countermeasures, today the phishing group launched a new round of phishing attacks and will continue to lure users to a subdomain of "google.com," prompting them to disclose their account passwords and immediately add a Passkey.

BlockBeats previously reported that on April 16th, ENS chief developer nick.eth stated that he experienced a highly sophisticated phishing attack that exploited a vulnerability in Google's infrastructure, which Google refused to fix. He indicated that the attack email looked very authentic, could pass DKIM signature verification, and was displayed normally in Gmail, alongside other legitimate security alerts in the same thread. The attackers used Google's "sites" service to create a trusted "support portal" page, as users would see the domain name containing "google.com" and mistake it for being secure. Users should remain vigilant.

免责声明：投资有风险，本文并非投资建议，以上内容不应被视为任何金融产品的购买或出售要约、建议或邀请，作者或其他用户的任何相关讨论、评论或帖子也不应被视为此类内容。本文仅供一般参考，不考虑您的个人投资目标、财务状况或需求。TTM对信息的准确性和完整性不承担任何责任或保证，投资者应自行研究并在投资前寻求专业建议。

热议股票

1
2
3
4
5
6
7
8
9
10

{"basename":"/hans","ssrTDKData":{"titleTemplate":"%s - 老虎证券","title":"老虎证券全球投资理财平台| 一站式投资美股新股港股A股","description":"老虎证券助您一站式投资美股，新股，港股，A股等全球金融理财产品。新加坡华人最信赖的在线投资平台，现在加入即享低费用，24/5 无时差炒美股投资理财！","keywords":"老虎证券,老虎证券开户,老虎券商,老虎证券官网,老虎证券app,tigertrade老虎证券,股票,炒股,新加坡股票交易平台,投资,投资理财","social":{"ogDescription":"老虎证券助您一站式投资美股，新股，港股，A股等全球金融理财产品。新加坡华人最信赖的在线投资平台，现在加入即享低费用，24/5 无时差炒美股投资理财！","ogImage":"https://c1.itigergrowtha.com/portal5/static/media/og-logo.be62fbe1.png","ogUrl":"https://www.itiger.com/hans/news/2528869610"},"companyName":"老虎证券"},"pageData":{"isMobile":false,"isTiger":false,"isTTM":true,"region":"SGP","license":"TBSG","edition":"fundamental"},"__swrFallback__":{"@#url:\"https://stock-news.skytigris.cn/v3/news\",params:#id:\"2528869610\",edition:\"fundamental\",,,undefined,":{"share":"https://ttm.financial/m/news/2528869610?lang=zh_CN&edition=fundamental","thumbnail":"","is_english":true,"pubTime":"2025-04-20 21:43","share_image_url":"https://static.laohu8.com/e9f99090a1c2ed51c021029395664489","id":"2528869610","market":"us","top_or_hot":-1,"title":"SlowMist COSINE: Phishing Group Uses Google Subdomain for New Phishing Attack, Leading Users to Disclose Account Passwords","media":"Blockbeats","content":"<html><body><div><p>BlockBeats News, April 20th - SlowMist founder Cosmos posted on social media that earlier, the ENS chief developer fell victim to a phishing attack that exploited a vulnerability in Google's infrastructure. The phishing group sent out a phishing email disguised as an official Google communication, tricking users into believing they were under investigation. While Google has taken countermeasures, today the phishing group launched a new round of phishing attacks and will continue to lure users to a subdomain of \"google.com,\" prompting them to disclose their account passwords and immediately add a Passkey.</p><p>BlockBeats previously reported that on April 16th, ENS chief developer nick.eth stated that he experienced a highly sophisticated phishing attack that exploited a vulnerability in Google's infrastructure, which Google refused to fix. He indicated that the attack email looked very authentic, could pass DKIM signature verification, and was displayed normally in Gmail, alongside other legitimate security alerts in the same thread. The attackers used Google's \"sites\" service to create a trusted \"support portal\" page, as users would see the domain name containing \"google.com\" and mistake it for being secure. Users should remain vigilant.</p></div></body></html>","source":"theblockbeats_live","html":"<!DOCTYPE html>\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\n<meta name=\"viewport\" content=\"width=device-width,initial-scale=1.0,minimum-scale=1.0,maximum-scale=1.0,user-scalable=no\"/>\n<meta name=\"format-detection\" content=\"telephone=no,email=no,address=no\" />\n<title>SlowMist COSINE: Phishing Group Uses Google Subdomain for New Phishing Attack, Leading Users to Disclose Account Passwords</title>\n<style type=\"text/css\">\na,abbr,acronym,address,applet,article,aside,audio,b,big,blockquote,body,canvas,caption,center,cite,code,dd,del,details,dfn,div,dl,dt,\nem,embed,fieldset,figcaption,figure,footer,form,h1,h2,h3,h4,h5,h6,header,hgroup,html,i,iframe,img,ins,kbd,label,legend,li,mark,menu,nav,\nobject,ol,output,p,pre,q,ruby,s,samp,section,small,span,strike,strong,sub,summary,sup,table,tbody,td,tfoot,th,thead,time,tr,tt,u,ul,var,video{ font:inherit;margin:0;padding:0;vertical-align:baseline;border:0 }\nbody{ font-size:16px; line-height:1.5; color:#999; background:transparent; }\n.wrapper{ overflow:hidden;word-break:break-all;padding:10px; }\nh1,h2{ font-weight:normal; line-height:1.35; margin-bottom:.6em; }\nh3,h4,h5,h6{ line-height:1.35; margin-bottom:1em; }\nh1{ font-size:24px; }\nh2{ font-size:20px; }\nh3{ font-size:18px; }\nh4{ font-size:16px; }\nh5{ font-size:14px; }\nh6{ font-size:12px; }\np,ul,ol,blockquote,dl,table{ margin:1.2em 0; }\nul,ol{ margin-left:2em; }\nul{ list-style:disc; }\nol{ list-style:decimal; }\nli,li p{ margin:10px 0;}\nimg{ max-width:100%;display:block;margin:0 auto 1em; }\nblockquote{ color:#B5B2B1; border-left:3px solid #aaa; padding:1em; }\nstrong,b{font-weight:bold;}\nem,i{font-style:italic;}\ntable{ width:100%;border-collapse:collapse;border-spacing:1px;margin:1em 0;font-size:.9em; }\nth,td{ padding:5px;text-align:left;border:1px solid #aaa; }\nth{ font-weight:bold;background:#5d5d5d; }\n.symbol-link{font-weight:bold;}\n/* header{ border-bottom:1px solid #494756; } */\n.title{ margin:0 0 8px;line-height:1.3;color:#ddd; }\n.meta {color:#5e5c6d;font-size:13px;margin:0 0 .5em; }\na{text-decoration:none; color:#2a4b87;}\n.meta .head { display: inline-block; overflow: hidden}\n.head .h-thumb { width: 30px; height: 30px; margin: 0; padding: 0; border-radius: 50%; float: left;}\n.head .h-content { margin: 0; padding: 0 0 0 9px; float: left;}\n.head .h-name {font-size: 13px; color: #eee; margin: 0;}\n.head .h-time {font-size: 11px; color: #7E829C; margin: 0;line-height: 11px;}\n.small {font-size: 12.5px; display: inline-block; transform: scale(0.9); -webkit-transform: scale(0.9); transform-origin: left; -webkit-transform-origin: left;}\n.smaller {font-size: 12.5px; display: inline-block; transform: scale(0.8); -webkit-transform: scale(0.8); transform-origin: left; -webkit-transform-origin: left;}\n.bt-text {font-size: 12px;margin: 1.5em 0 0 0}\n.bt-text p {margin: 0}\n</style>\n</head>\n<body>\n<div class=\"wrapper\">\n<header>\n<h2 class=\"title\">\nSlowMist COSINE: Phishing Group Uses Google Subdomain for New Phishing Attack, Leading Users to Disclose Account Passwords\n</h2>\n\n<h4 class=\"meta\">\n\n\n2025-04-20 21:43 GMT+8&nbsp;&nbsp;&nbsp;<a href=https://www.theblockbeats.info//en/flash/290454><strong>Blockbeats</strong></a>\n\n\n</h4>\n\n</header>\n<article>\n<div>\n<p>BlockBeats News, April 20th - SlowMist founder Cosmos posted on social media that earlier, the ENS chief developer fell victim to a phishing attack that exploited a vulnerability in Google's ...</p>\n\n<a href=\"https://www.theblockbeats.info//en/flash/290454\">网页链接</a>\n\n</div>\n\n\n</article>\n</div>\n</body>\n</html>\n","isBrief":false,"type":0,"news_type":1,"symbol":"GOOG","symbol_name":"谷歌","start_time":0,"source_url":"https://www.theblockbeats.info//en/flash/290454","article_id":"2528869610","we_media_id":null,"thumbnails":[],"rights":null,"url":"https://stock-news.laohu8.com/highlight/detail?id=2528869610","pubTimestamp":1745156580,"columns":[],"sourceInfo":{"source_id":"theblockbeats_live","name":"Blockbeats快讯"},"weMediaInfo":null,"summary":"BlockBeats News, April 20th - SlowMist founder Cosmos posted on social media that earlier, the ENS chief developer fell victim to a phishing attack that exploited a vulnerability in Google's infrastructure. The phishing group sent out a phishing email disguised as an official Google communication, tricking users into believing they were under investigation. While Google has taken countermeasures, today the phishing group launched a new round of phishing attacks and will continue to lure users to a subdomain of \"google.com,\" prompting them to disclose their account passwords and immediately add a Passkey.BlockBeats previously reported that on April 16th, ENS chief developer nick.eth stated that he experienced a highly sophisticated phishing attack that exploited a vulnerability in Google's infrastructure, which Google refused to fix. He indicated that the attack email looked very authentic, could pass DKIM signature verification, and was displayed normally in Gmail, alongside other legi","collect":0,"end_time":0,"defaultTopTitle":"theblockbeats.info","property":[],"viewcount":null,"language":"en","relate_stocks":{"GOOG":"谷歌","LU1429558221.USD":"Natixis Loomis Sayles US Growth Equity RA USD","LU1839511570.USD":"WELLS FARGO GLOBAL FACTOR ENHANCED EQUITY \"I\" (USD) ACC","LU0053666078.USD":"摩根大通基金-美国股票A（离岸）美元","USJW.SI":"ALPHAB 3xLongSG261006","BK4561":"索罗斯持仓","LU0052756011.USD":"TEMPLETON GLOBAL BALANCED \"A\" (USD) INC","LU2106854487.HKD":"ALLIANZ THEMATICA \"AMG\" (HKD) INC","LU2430703251.USD":"WELLINGTON MULTI-ASSET HIGH INCOME \"AM4\" (USD) INC","LU2360032135.SGD":"ALLSPRING GLOBAL EQUITY ENHANCED INCOME \"A\" (SGDHDG) INC","LU1868837300.USD":"CT (LUX) I AMERICAN FUND \"9\" (USD) ACC","LU1037948897.HKD":"AB LOW VOLATILITY EQUITY PORTFOLIO \"AD\" (HKD) INC","LU0640476718.USD":"THREADNEEDLE (LUX) US CONTRARIAN CORE EQ \"AU\" (USD) ACC","LU1989764664.SGD":"CPR Invest - Global Disruptive Opportunities A2 Acc SGD-H","BK4548":"巴美列捷福持仓","IE00BKDWB100.SGD":"PINEBRIDGE US LARGE CAP RESEARCH ENHANCED \"A5H\" (SGDHDG) ACC","LU1935042215.USD":"MANULIFE GF GLOBAL MULTI-ASSET DIVERSIFIED INCOME  \"AA\" (USD) INC A","LU2275660780.HKD":"SCHRODER ISF GLOBAL CLIMATE CHANGE EQUITY \"A\" (HKD) ACC","LU1037948541.HKD":"AB LOW VOLATILITY EQUITY PORTFOLIO \"A\" (HKD) ACC","LU2362540622.SGD":"WELLINGTON NEXT GENERATION GLOBAL EQUITY \"A\" (SGDHDG) ACC","LU0820562030.AUD":"ALLIANZ INCOME AND GROWTH \"AMH2\" (AUDHDG) H2 INC","IE00BFXG0V08.USD":"BNY MELLON GLOBAL LEADERS \"B\" (USD) ACC","LU2125154935.USD":"ALLSPRING (LUX) WF GLOBAL EQUITY ENHANCED INCOME \"I\" (USD) INC","LU2092627202.USD":"Blackrock ESG Multi-Asset A8 USD-H","IE0005OL40V9.USD":"JANUS HENDERSON BALANCED \"A6M\" (USD) INC","IE00BFSS7M15.SGD":"Janus Henderson Balanced A Acc SGD-H","LU1934455863.HKD":"AB SICAV I LOW VOLATILITY TOTAL RETURN EQUITY PORT \"A\" (HKD) ACC","LU0175139822.USD":"AB FCP I Global Equity Blend A USD","LU0724617625.USD":"BGF GLOBAL ALLOCATION \"A4\" (USD) INC","LU1066051498.USD":"HSBC GIF GLOBAL EQUITY VOLATILITY FOCUSED \"AM2\" (USD) INC","LU1066053197.SGD":"HSBC GIF GLOBAL EQUITY VOLATILITY FOCUSED \"AM3\" (SGDHDG) INC","SG9999014898.SGD":"United Global Quality Growth Fund Dis SGD","ENS":"艾诺斯","LU1778281490.HKD":"HSBC GIF GLOBAL LOWER CARBON EQUITY \"AD\" (HKD) INC","LU0820561818.USD":"安联收益及增长平衡基金Cl AM DIS","LU0345769631.USD":"NINETY ONE GSF GLOBAL EQUITY \"A\" (USD) INC","LU2111349929.HKD":"ALLIANZ GLOBAL SUSTAINABILITY \"AM\" (HKD) INC","LU2552382058.USD":"WELLINGTON US BRAND POWER \"A\" (USD) ACC","LU0251131958.USD":"FIDELITY AMERICA \"A\" (USD) ACC","LU0878866978.SGD":"First Eagle Amundi International AHS-QD SGD-H","LU1366333091.USD":"FIDELITY GLOBAL FOCUS \"A\" (USD) ACC","LU1815333072.USD":"THREADNEEDLE (LUX) GLOBAL FOCUS \"AUP\" (USD) INC","LU2097829019.USD":"AZ EQUITY - BORLETTI GLOBAL LIFESTYLE \"AI\" (USD) ACC","LU1496350171.SGD":"FRANKLIN DIVERSIFIED BALANCED \"A\" (SGDHDG) ACC","LU0742534661.SGD":"Fidelity America A-SGD (hedged)","LU1316542783.SGD":"Janus Henderson Horizon Global Technology Leaders A2 SGD","LU2764262908.HKD":"BGF GLOBAL UNCONSTRAINED EQUITY \"A2\" (HKD) ACC","IE00B775SV38.USD":"NEUBERGER BERMAN US MULTICAP OPPORTUNITIES \"A\" (USD) ACC","GOOGL":"谷歌A"},"translate_title":"慢雾余弦：钓鱼集团利用谷歌子域进行新的钓鱼攻击，导致用户泄露账户密码","themeId":null,"isJumpTheme":false,"ttsUrl":null,"symbols_score_info":{"ENS":1,"GOOG":1,"GOOGL":1,"USJW.SI":0.6},"content_text":"BlockBeats News, April 20th - SlowMist founder Cosmos posted on social media that earlier, the ENS chief developer fell victim to a phishing attack that exploited a vulnerability in Google's infrastructure. The phishing group sent out a phishing email disguised as an official Google communication, tricking users into believing they were under investigation. While Google has taken countermeasures, today the phishing group launched a new round of phishing attacks and will continue to lure users to a subdomain of \"google.com,\" prompting them to disclose their account passwords and immediately add a Passkey.BlockBeats previously reported that on April 16th, ENS chief developer nick.eth stated that he experienced a highly sophisticated phishing attack that exploited a vulnerability in Google's infrastructure, which Google refused to fix. He indicated that the attack email looked very authentic, could pass DKIM signature verification, and was displayed normally in Gmail, alongside other legitimate security alerts in the same thread. The attackers used Google's \"sites\" service to create a trusted \"support portal\" page, as users would see the domain name containing \"google.com\" and mistake it for being secure. Users should remain vigilant.","kind":"highlight","is_publish_news":true,"is_publish_highlight":false,"is_publish_live":false,"is_publish_wemedia":null,"editions":null,"column":"","sentiment":"0","news_tag":"","news_rank":0,"symbols":[],"gpt_button":0,"code":"91000000","status":"200"}}}