Security experts have warned about CryptoChameleon phishing attacks

The CryptoChameleon scheme is focused on mobile devices and is mainly aimed at citizens from the United States. The most frequent attacks are high-ranking officials, including employees of the Federal Communications Commission (FCC), users of the major cryptocurrency exchanges Binance, Coinbase, Gemini and Kraken, owners of Trezor hardware wallets, as well as users of ShakePay and Caleb&Brown services.

Scammers use a multi-pronged approach: they send phishing emails and SMS, make phone calls to trick users into revealing confidential information. The scammers pose as customer support, and under the pretext of a recent hack, convince people to urgently take these actions to ensure the security of their crypto wallet, as a result of which they receive user credentials.

Hackers are reproducing single sign-on (SSO) pages. hCaptcha is used on phishing pages to prevent interaction with automated analysis tools. This allows a fake login screen to appear only after the victim enters the CAPTCHA. This strategic move prevents rapid identification using security tools.

When entering credentials, victims are asked to enter a two-factor authentication (2FA) code or "wait" under the guise of verification. An attacker uses this opportunity to log in, using stolen data.

Source: https://bits.media/spetsialisty-po-bezopasnosti-predupredili-o-fishingovykh-atakakh-cryptochameleon/