Security firm SlowMist has issued a warning about a high-risk phishing attack targeting TRON users. Attackers are using a fake TronLink Chrome extension, employing Unicode bidirectional control characters and Cyrillic homographs to impersonate the official name. This malicious extension dynamically loads phishing pages via remote iframes, enabling the theft of mnemonic phrases, private keys, Keystore files, and passwords. Stolen data is then transmitted in real-time through a Telegram Bot. Users are advised to uninstall any suspicious extensions immediately.
High-Risk Phishing Attack Targets TRON Users via Fake TronLink Extension
Disclaimer: The content provided on Phemex News is for informational purposes only. We do not guarantee the quality, accuracy, or completeness of the information sourced from third-party articles. The content on this page does not constitute financial or investment advice. We strongly encourage you to conduct you own research and consult with a qualified financial advisor before making any investment decisions.