Early warning: users are wary of new ways of fishing and stealing coins

The Slow Fog Security team captured a new way of attacking the supply chain in the digital currency industry. Probably the process: the attacker hijacked a well-known authoritative digital currency market/navigation station, and the main exchange website URLs were replaced with carefully prepared fishing. Websites, and many users like to visit the exchange website through these well-known portals, but they are all fake. The entire attack process, including two-factor authentication login, pending order transaction, and replenishment are all non-inductive, and the stolen money is invisible.