SushiSwap is warning their community about fake social media accounts messaging users and pressuring them into downloading malware.
Warning – a fake SushiSwap account is DMing people on social media platforms and trying to get them to download an app and visit a fake website hosting malware.
— HuntingIsland — ΞTH 🐬🔊🔴 (@IslandHunting) March 9, 2021
Superficially, the announcement looks authentic, but the fact that the impostors are directly contacting users via social media instead of making an announcement via an official channel gives away that something nefarious is going on in the background. Always keep in mind that trustworthy blockchain projects will never DM their users on social media.
The Crypto Community Comes to Help
MyCrypto security researcher Harry Denley has picked up the case, trying to mitigate the damage and to investigate the malware.
I'll deconstruct it later tonight (likely a RAT, if it's like anything else I've seen – they usually are)
— harry.eth 🦊💙 (whg.eth) (@sniko_) March 9, 2021
According to Denley, the fake SushiSwap website that victims are redirected to attempts to download a Remote Access Trojan. This means that the victims’ devices, including all hot crypto wallets running on the devices, could be fully compromised.
If you happen to have fallen for the impostor, or if you suspect that your device might be compromised, you are advised to withdraw your funds from all hot wallets to a safe address. Also, change all of your passwords that might be compromised using a safety device, especially your email and exchange passwords, as well as your master password if you are using a password manager.