- Buy Crypto
- Markets
Futures- Spot
- Copy Trade
- Earn
- More
Linux users should be aware of a new type of attack on the Snap Store, where hackers can take over developers' identities to trick users into submitting their seed phrase.
BlockBeats News, January 21st, SlowMist CISO 23pds posted on social media that Linux users need to be aware of a new attack in the Snap Store. A hijacked domain name is used as a backdoor to steal users' encrypted assets. Tampered apps masquerade as well-known crypto wallets like Exodus, Ledger Live, or Trust Wallet, tricking users into entering their "wallet recovery seed phrase," leading to fund theft.
It is reported that the attackers have now shifted to monitoring developer accounts in the Snap Store with expired associated domains. Once a target domain is found to be expired, the attacker promptly registers it, then uses the domain's email to initiate a password reset on the Snap Store, thus taking over the identity of a long-established trusted publisher.
23pds explained that this means software that users installed and trusted for years may overnight be compromised by hackers injecting malicious code through the official update channel. It has been confirmed that two publisher domains, storewise[.]tech and vagueentertainment[.]com, have been hijacked using this method. The tampered apps usually pretend to be reputable crypto wallets like Exodus, Ledger Live, or Trust Wallet, with interfaces almost indistinguishable from the genuine ones.
Upon app launch, it will first connect to a remote server for network verification, then lure users into entering their "wallet recovery seed phrase." Once users submit this sensitive information, it is immediately sent to the attacker's server, resulting in fund theft. Due to exploiting the existing trust relationship, such attacks often succeed before the victims realize.
You may also like
Wall Street Shorts ETH: Vitalik is aware and has front-run, while Tom Lee remains oblivious
Social Capital CEO: How Equity Tokenization is Reshaping Capital Markets from US Stocks to SpaceX?
CoinGecko Report: Surge of 346% vs Dip of 20.8%, The Wild Rise of DEX
a16z: The Real Opportunity of Stablecoins Lies Not in Disruption but in Filling Gaps
Mining Exodus: Someone Holds $12.8 Billion AI Order
March 6 Market Key Intelligence, How Much Did You Miss?
a16z: The True Opportunity of Stablecoins is in Complementing, Not Disrupting
Predict LALIGA Matches, Shoot Daily & Win BTC, USDT and WXT on WEEX
The WEEX × LALIGA campaign brought together football excitement and crypto participation through a dynamic interactive experience. During the event, users predicted matches, completed trading tasks, and took daily shots to compete for rewards including BTC, USDT, WXT, and exclusive prizes.
Ray Dalio Dialogue: Why I'm Betting on Gold and Not Bitcoin
Who Took the Money in the AI Era? A Must-See Investment Checklist for HALO Asset Trading
Wall Street Bears Target Ethereum: Vitalik In the Know Takes Flight, Tom Lee Remains Bullish
Pump.fun Hacker Steals $2 Million, Receives 6-Year Prison Sentence, Opts for 'Self-Detonation'
6% Annual Percentage Yield as Musk Declares War on Traditional Banks
36 years, 4 wars, 1 script: How does capital price the world in conflict?
Mining Companies' Great Migration: Some Have Already Secured $12.8 Billion in AI Orders
What Is Vibe Coding? How AI Is Changing Web3 & Crypto Development
What is vibe coding? Learn how AI coding tools are lowering the barrier to Web3 development and enabling anyone to build crypto applications.
The parent company of the New York Stock Exchange strategically invests in OKX: The intentions behind the $25 billion valuation
WEEX P2P update: Country/region restrictions for ad posting
To improve ad security and matching accuracy, WEEX P2P now allows advertisers to restrict who can trade with their ads based on country or region. Advertisers can select preferred counterparty locations for a safer, smoother trading experience.
I. Overview
When publishing P2P ads, advertisers can now set the following:
Allow only counterparties from selected countries or regions to trade with your ads.
With this feature, you can:
Target specific user groups more precisely.Reduce cross-region trading risks.Improve order matching quality.
II. Applicable scenarios
The following are some common scenarios:
Restrict payment methods: Limit orders to users in your country using supported local banks or wallets.Risk control: Avoid trading with users from high-risk regions.Operational strategy: Tailor ads to specific markets.
III. How to get started
On the ad posting page, find "Trading requirements":
Select "Trade with users from selected countries or regions only".Then select the countries or regions to add to the allowlist.Use the search box to quickly find a country or region.Once your settings are complete, submit the ad to apply the restrictions.
When an advertiser enables the "Country/Region Restriction" feature, users who do not meet the criteria will be blocked when placing an order and will see the following prompt:
If you encounter this issue when placing an order as a regular user, try the following solutions.
Choose another ad: Select ads that do not restrict your country/region, or ads that allow users from your location.Show local ads only: Prioritize ads available in the same country as your identity verification.
IV. Benefits
Compared with ads without country/region restrictions, this feature provides the following improvements.
Aspect
Improvement
Trading security
Reduces abnormal orders and fraud risk
Conversion efficiency
Matches ads with more relevant users
Order completion rate
Reduces failures caused by incompatible payment methods
V. FAQ
Q1: Why are some users not able to place orders on my ad?
A1: Their country or region may not be included in your allowlist.
Q2: Can I select multiple countries or regions when setting the restriction?
A2: Yes, multiple selections are supported.
Q3: Can I edit my published ads?
A3: Yes. You can edit your ad in the "My Ads" list. Changes will take effect immediately after saving.
App