安全公司：诈骗团伙GreedyBear将加密货币盗窃活动扩大至“工业规模”

Odaily

Aug 08, 2025

Odaily星球日报讯网络安全公司 Koi Security 披露，名为 GreedyBear 的黑客组织通过三管齐下的攻击手段窃取超 100 万美元加密货币。该组织采用浏览器扩展、恶意软件和诈骗网站组合攻击模式，已部署超 650 个恶意工具。技术细节显示，攻击者在 Firefox 商店发布 150 余个仿冒 MetaMask 等热门钱包的恶意扩展程序，采用“扩展程序掏空”技术先通过审核再植入恶意代码。同时分发近 500 个加密货币主题恶意软件样本，主要通过俄罗斯盗版软件网站传播。此外还建立冒充硬件钱包等产品的专业诈骗网站网络。

值得注意的是，所有攻击通过单一 IP 服务器集中控制，部分代码显示使用 AI 生成以实现快速迭代。网络安全专家警告称，这标志着加密货币网络犯罪已进入工业化新阶段，呼吁应用商店加强审核机制。(Cointelegraph)

Disclaimer: Investing carries risk. This is not financial advice. The above content should not be regarded as an offer, recommendation, or solicitation on acquiring or disposing of any financial products, any associated discussions, comments, or posts by author or other users should not be considered as such either. It is solely for general information purpose only, which does not consider your own investment objectives, financial situations or needs. TTM assumes no responsibility or warranty for the accuracy and completeness of the information, investors should do their own research and may seek professional advice before investing.

Most Discussed

{"basename":"","ssrTDKData":{"titleTemplate":"%s - Tiger Brokers","title":"Tiger Brokers | Global Stocks, Options & Futures Trading App","description":"Tiger Brokers, one-stop investment in US stocks, SGX stocks, HK stocks, A-shares & other global assets. One of the best stock trading platforms in Singapore.","keywords":"tiger brokers,tiger trade,tiger brokers singapore,broker online,stock trading in singapore,share trading singapore,brokerage firm singapore,trading app,stock broker singapore,stock trading platforms,trading account","social":{"ogDescription":"Tiger Brokers, one-stop investment in US stocks, SGX stocks, HK stocks, A-shares & other global assets. One of the best stock trading platforms in Singapore.","ogImage":"https://c1.itigergrowtha.com/portal5/static/media/og-logo.be62fbe1.png","ogUrl":"https://www.itiger.com/news/2557048510"},"companyName":"Tiger Brokers"},"pageData":{"isMobile":false,"isTiger":false,"isTTM":true,"region":"SGP","license":"TBSG","edition":"fundamental"},"isCrawlerRequest":true,"__swrFallback__":{"@#url:\"https://stock-news.skytigris.cn/v3/news\",params:#id:\"2557048510\",edition:\"fundamental\",auth_exemption:1,,,undefined,":{"share":"https://ttm.financial/m/news/2557048510?lang=en_US&edition=fundamental","thumbnail":"","is_english":false,"pubTime":"2025-08-08 14:03","share_image_url":"https://static.laohu8.com/e9f99090a1c2ed51c021029395664489","id":"2557048510","market":"us","top_or_hot":-1,"title":"安全公司：诈骗团伙GreedyBear将加密货币盗窃活动扩大至“工业规模”","media":"Odaily","content":"<html><body><div><p>Odaily星球日报讯 网络安全公司 Koi Security 披露，名为 GreedyBear 的黑客组织通过三管齐下的攻击手段窃取超 100 万美元加密货币。该组织采用浏览器扩展、恶意软件和诈骗网站组合攻击模式，已部署超 650 个恶意工具。技术细节显示，攻击者在 Firefox 商店发布 150 余个仿冒 MetaMask 等热门钱包的恶意扩展程序，采用“扩展程序掏空”技术先通过审核再植入恶意代码。同时分发近 500 个加密货币主题恶意软件样本，主要通过俄罗斯盗版软件网站传播。此外还建立冒充硬件钱包等产品的专业诈骗网站网络。</p><p>值得注意的是，所有攻击通过单一 IP 服务器集中控制，部分代码显示使用 AI 生成以实现快速迭代。网络安全专家警告称，这标志着加密货币网络犯罪已进入工业化新阶段，呼吁应用商店加强审核机制。(Cointelegraph)</p></div></body></html>","source":"odaily_live","html":"<!DOCTYPE html>\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\n<meta name=\"viewport\" content=\"width=device-width,initial-scale=1.0,minimum-scale=1.0,maximum-scale=1.0,user-scalable=no\"/>\n<meta name=\"format-detection\" content=\"telephone=no,email=no,address=no\" />\n<title>安全公司：诈骗团伙GreedyBear将加密货币盗窃活动扩大至“工业规模”</title>\n<style type=\"text/css\">\na,abbr,acronym,address,applet,article,aside,audio,b,big,blockquote,body,canvas,caption,center,cite,code,dd,del,details,dfn,div,dl,dt,\nem,embed,fieldset,figcaption,figure,footer,form,h1,h2,h3,h4,h5,h6,header,hgroup,html,i,iframe,img,ins,kbd,label,legend,li,mark,menu,nav,\nobject,ol,output,p,pre,q,ruby,s,samp,section,small,span,strike,strong,sub,summary,sup,table,tbody,td,tfoot,th,thead,time,tr,tt,u,ul,var,video{ font:inherit;margin:0;padding:0;vertical-align:baseline;border:0 }\nbody{ font-size:16px; line-height:1.5; color:#999; background:transparent; }\n.wrapper{ overflow:hidden;word-break:break-all;padding:10px; }\nh1,h2{ font-weight:normal; line-height:1.35; margin-bottom:.6em; }\nh3,h4,h5,h6{ line-height:1.35; margin-bottom:1em; }\nh1{ font-size:24px; }\nh2{ font-size:20px; }\nh3{ font-size:18px; }\nh4{ font-size:16px; }\nh5{ font-size:14px; }\nh6{ font-size:12px; }\np,ul,ol,blockquote,dl,table{ margin:1.2em 0; }\nul,ol{ margin-left:2em; }\nul{ list-style:disc; }\nol{ list-style:decimal; }\nli,li p{ margin:10px 0;}\nimg{ max-width:100%;display:block;margin:0 auto 1em; }\nblockquote{ color:#B5B2B1; border-left:3px solid #aaa; padding:1em; }\nstrong,b{font-weight:bold;}\nem,i{font-style:italic;}\ntable{ width:100%;border-collapse:collapse;border-spacing:1px;margin:1em 0;font-size:.9em; }\nth,td{ padding:5px;text-align:left;border:1px solid #aaa; }\nth{ font-weight:bold;background:#5d5d5d; }\n.symbol-link{font-weight:bold;}\n/* header{ border-bottom:1px solid #494756; } */\n.title{ margin:0 0 8px;line-height:1.3;color:#ddd; }\n.meta {color:#5e5c6d;font-size:13px;margin:0 0 .5em; }\na{text-decoration:none; color:#2a4b87;}\n.meta .head { display: inline-block; overflow: hidden}\n.head .h-thumb { width: 30px; height: 30px; margin: 0; padding: 0; border-radius: 50%; float: left;}\n.head .h-content { margin: 0; padding: 0 0 0 9px; float: left;}\n.head .h-name {font-size: 13px; color: #eee; margin: 0;}\n.head .h-time {font-size: 11px; color: #7E829C; margin: 0;line-height: 11px;}\n.small {font-size: 12.5px; display: inline-block; transform: scale(0.9); -webkit-transform: scale(0.9); transform-origin: left; -webkit-transform-origin: left;}\n.smaller {font-size: 12.5px; display: inline-block; transform: scale(0.8); -webkit-transform: scale(0.8); transform-origin: left; -webkit-transform-origin: left;}\n.bt-text {font-size: 12px;margin: 1.5em 0 0 0}\n.bt-text p {margin: 0}\n</style>\n</head>\n<body>\n<div class=\"wrapper\">\n<header>\n<h2 class=\"title\">\n安全公司：诈骗团伙GreedyBear将加密货币盗窃活动扩大至“工业规模”\n</h2>\n\n<h4 class=\"meta\">\n\n\n2025-08-08 14:03 北京时间&nbsp;&nbsp;&nbsp;<a href=https://www.odaily.news/zh-CN/newsflash/442439><strong>Odaily</strong></a>\n\n\n</h4>\n\n</header>\n<article>\n<div>\n<p>Odaily星球日报讯 网络安全公司 Koi Security 披露，名为 GreedyBear 的黑客组织通过三管齐下的攻击手段窃取超 100 万美元加密货币。该组织采用浏览器扩展、恶意软件和诈骗网站组合攻击模式，已部署超 650 个恶意工具。技术细节显示，攻击者在 Firefox 商店发布 150 余个仿冒 MetaMask 等热门钱包的恶意扩展程序，采用“扩展程序掏空”技术先通过审核再植入...</p>\n\n<a href=\"https://www.odaily.news/zh-CN/newsflash/442439\">Source Link</a>\n\n</div>\n\n\n</article>\n</div>\n</body>\n</html>\n","isBrief":false,"type":0,"news_type":1,"symbol":"LU1169590202.USD","symbol_name":"ALLSPRING (LUX)  U.S. SELECT EQUITY \"I\" (USD) ACC","start_time":0,"source_url":"https://www.odaily.news/zh-CN/newsflash/442439","article_id":"2557048510","we_media_id":null,"thumbnails":[],"rights":null,"url":"https://stock-news.laohu8.com/highlight/detail?id=2557048510","pubTimestamp":1754633010,"columns":[],"sourceInfo":{"source_id":"odaily_live","name":"Odaily"},"weMediaInfo":null,"summary":"<div class=\"line-clamp-4 text-custom-000000/70 dark:text-custom-FFFFFF/60 text-18 font-400 tracking-1 leading-40 whitespace-pre-line\"><p>Odaily星球日报讯 网络安全公司 Koi Security 披露，名为 GreedyBear 的黑客组织通过三管齐下的攻击手段窃取超 100 万美元加密货币。该组织采用浏览器扩展、恶意软件和诈骗网站组合攻击模式，已部署超 650 个恶意工具。技术细节显示，攻击者在 Firefox 商店发布 150 余个仿冒 MetaMask 等热门钱包的恶意扩展程序，采用“扩展程序掏空”技术先通过审核再植入恶意代码。同时分发近 500 个加密货币主题恶意软件样本，主要通过俄罗斯盗版软件网站传播。此外还建立冒充硬件钱包等产品的专业诈骗网站网络。</p><p>值得注意的是，所有攻击通过单一 IP 服务器集中控制，部分代码显示使用 AI 生成以实现快速迭代。网络安全专家警告称，这标志着加密货币网络犯罪已进入工业化新阶段，呼吁应用商店加强审核机制。(Cointelegraph)</p></div>","collect":0,"end_time":0,"defaultTopTitle":"odaily.news","property":[],"viewcount":null,"language":"zh","relate_stocks":{"LU1169590202.USD":"ALLSPRING (LUX)  U.S. SELECT EQUITY \"I\" (USD) ACC","LU1487256676.USD":"THREADNEEDLE (LUX) UK EQUITY INCOME \"ZUH\" (USDHDG) ACC","GBTC":"比特币ETF-Grayscale","BK4588":"碎股","BK4594":"比特币ETF概念","BK4601":"加密货币现货ETF","HODL":"比特币ETF-VanEck","VBTC.AU":"Vaneck Bitcoin Etf","BRRR":"比特币ETF-CoinShares","BITO":"比特币期货ETF-ProShares","LU1481599808.USD":"THREADNEEDLE (LUX) UK EQUITY INCOME \"AUC\" (USDHDG) INC","BTCO":"比特币ETF-Invesco Galaxy","LU1169589451.USD":"ALLSPRING (LUX)  U.S. SELECT EQUITY \"A\" (USD) ACC","IP":"国际纸业","BK4585":"ETF&股票定投概念","BTCW":"比特币ETF-Wisdom Tree","LU2463526074.USD":"NORDEA 1 - GLOBAL CLIMATE ENGAGEMENT \"BP\" (USD) ACC","IE00B3T34201.USD":"BNY MELLON GLOBAL EQUITY INCOME \"B\" (USD) INC","IBIT":"比特币ETF-iShares","FBTC":"比特币ETF-Fidelity","EZBC":"比特币ETF-Franklin","LU1481600234.SGD":"THREADNEEDLE (LUX) UK EQUITY INCOME \"ASC\" (SGDHDG) INC","BK4136":"纸材料包装","DEFI":"比特币期货ETF-Hashdex"},"translate_title":"Security firm: scam gang GreedyBear expands crypto theft to'industrial scale '","themeId":null,"isJumpTheme":false,"ttsUrl":null,"symbols_score_info":{"HODL":1,"VBTC.AU":1,"BTCW":1,"DEFI":1,"BTCO":1,"GBTC":1,"IP":1,"IBIT":1,"BRRR":1,"FBTC":1,"BITO":1,"EZBC":1},"content_text":"Odaily星球日报讯 网络安全公司 Koi Security 披露，名为 GreedyBear 的黑客组织通过三管齐下的攻击手段窃取超 100 万美元加密货币。该组织采用浏览器扩展、恶意软件和诈骗网站组合攻击模式，已部署超 650 个恶意工具。技术细节显示，攻击者在 Firefox 商店发布 150 余个仿冒 MetaMask 等热门钱包的恶意扩展程序，采用“扩展程序掏空”技术先通过审核再植入恶意代码。同时分发近 500 个加密货币主题恶意软件样本，主要通过俄罗斯盗版软件网站传播。此外还建立冒充硬件钱包等产品的专业诈骗网站网络。值得注意的是，所有攻击通过单一 IP 服务器集中控制，部分代码显示使用 AI 生成以实现快速迭代。网络安全专家警告称，这标志着加密货币网络犯罪已进入工业化新阶段，呼吁应用商店加强审核机制。(Cointelegraph)","kind":"live","is_publish_news":true,"is_publish_highlight":false,"is_publish_live":true,"is_publish_wemedia":null,"editions":null,"column":"","sentiment":"0","news_tag":"","news_rank":0,"symbols":[],"gpt_button":0,"need_auth":false,"code":"91000000","status":"200"}}}