Odaily星球日报讯 ENS 核心开发者 nick.eth 在 X 平台发文表示遭遇到一起高度复杂的钓鱼攻击,该攻击利用了谷歌基础设施中两个未修复的漏洞,成功绕过 DKIM 验证并通过 Gmail 安全警告,伪装成真实的谷歌安全提醒邮件。攻击者可以通过 Google Sites 构建假“支持页面”,诱导用户登录并盗取凭证。 nick.eth 表示已向谷歌报告了香港问题,但遭到“按预期工作”的回复,谷歌拒绝修复相关逻辑漏洞,未来该攻击方式可能会频繁出现。
Disclaimer: Investing carries risk. This is not financial advice. The above content should not be regarded as an offer, recommendation, or solicitation on acquiring or disposing of any financial products, any associated discussions, comments, or posts by author or other users should not be considered as such either. It is solely for general information purpose only, which does not consider your own investment objectives, financial situations or needs. TTM assumes no responsibility or warranty for the accuracy and completeness of the information, investors should do their own research and may seek professional advice before investing.