Blockchain security firm SlowMist announced that it has discovered cases of TronLink impersonation phishing attacks targeting Tron (TRX) users. It is reported that the attackers created Chrome extensions with names similar to the official wallet to deceive users. The extension reportedly exploited actual download counts and reviews to increase its credibility, and sent seed phrases, private keys, and wallet passwords entered by users to the attackers via a Telegram bot. SlowMist recommended deleting extensions from unknown sources and initializing browser data, adding that if wallet information has been exposed, it is necessary to create a new wallet and transfer assets.
