Slow Fog Cosine: Another incident of CEX users being maliciously matched to steal millions of dollars in assets has occurred

ChainCatcher news, Slow Mist founder Yu Xian posted on the X platform that another incident of a user's CEX account being maliciously exploited to steal assets worth a million dollars has been reported, and the team is currently following up for analysis.

According to Yu Xian, there are quite a few attack methods targeting CEX web interfaces, such as the previous method of using malicious extensions to steal cookies, as well as clipboard attacks, form tampering, and request tampering. In addition to malicious extensions, reverse proxy phishing, Trojan viruses, and other methods are also viable options. The web interface has many vulnerabilities, so the risk control strategy here must be higher than that of the app interface.