TechFlow news — On February 26, SlowMist Chief Information Security Officer @im23pds warned on social media about a recent sophisticated SMS phishing attack targeting Binance users. This attack differs from typical phishing messages, as the fraudulent SMS appears within the same conversation thread as official Binance messages, sharing the same channel with legitimate alerts and spanning an extended timeframe, effectively mimicking the official SMS environment.
@im23pds analyzed that this type of attack may involve two possible technical methods: first, attackers using SMS spoofing techniques to falsify the sender's number, allowing phishing messages to blend into the official conversation thread; second, attackers might have exploited vulnerabilities in SMS gateways or conducted supply chain attacks, gaining unauthorized access to the SMS delivery channel or colluding with unscrupulous SMS service providers.




