BlockBeats News: On April 16, nick.eth, the lead developer of ENS, posted that it had suffered an extremely sophisticated phishing attack that exploited a vulnerability in Google's infrastructure, but Google refused to fix the vulnerability. He showed that the attack email looked very real, was able to pass DKIM signature verification, was displayed normally by GMail, and was placed in the same conversation as other legitimate security warnings. The attacker used Google's "site" service to create a trusted "support portal" page, because users would see the domain name containing "google.com" and mistakenly think it was safe, so users need to be cautious.
This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.
The lead developer of ENS was hit by a phishing attack due to a Google infrastructure vulnerability that has not yet been fixed
BlockBeats News: On April 16, nick.eth, the lead developer of ENS, posted that it had suffered an extremely sophisticated phishing attack that exploited a vulnerability in Google's infrastructure, but Google refused to fix the vulnerability. He showed that the attack email looked very real, was able to pass DKIM signature verification, was displayed normally by GMail, and was placed in the same conversation as other legitimate security warnings. The attacker used Google's "site" service to create a trusted "support portal" page, because users would see the domain name containing "google.com" and mistakenly think it was safe, so users need to be cautious.