ae/golfed.xyz
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fixed typos & added a closing statement

Browse Source
This commit is contained in:
ae 2024-10-29 19:01:33 +02:00
parent cbc3b761de
commit ab2a5741b3
Signed by: ae
GPG Key ID: 995EFD5C1B532B3E
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
content/blog/metamask-scam-exploration.md
View File

@ -42,7 +42,7 @@ function saveFile(name, type, data) {
The resulting webpage would display 12/15/18/21/24 input fields for a crypto wallet seed phrases of various lengths.
The scammers were using Telegram as the backend, but didn't apparently care enough to even attempt to hide the API token and chat ID from the source with some obfuscation logic. Telegram also follows a certain logic with the chat IDs (private chats don't have a dash prefix, whereas supergroups and channels have a `-100` prefix) which helps in determining that the data is exfiltrated into a private chat instead of a group.
The scammer was using Telegram as the backend, but didn't apparently care enough to even attempt to hide the API token and chat ID from the source with some obfuscation logic. Additionally it's also clear that the data was being exfiltrated into a private chat based on the chat ID format (private chats don't have a dash prefix, whereas supergroups and channels have a `-100` prefix).
```javascript
// Add your telegram token,chatid
@ -160,3 +160,5 @@ while True:
send_msg(words, CHAT_ID)
sleep(random.randint(1, 10))
```
In the end I was able to send roughly 10k messages before the scammer revoked the API token. I hope he'll have a fun time trying to sort out the legitimate responses from the ones I sent.