Lately, several users, especially via Twitter, have been disclosing a new malware scam that arrives via email and targets DeFi (decentralized finance) investors. The subject of the email in fact mentions a simple agreement for future tokens (SAFT) from the Parallel DAO project. At the same time, the e-mail does not include text and is not signed, but contains a PDF file attached which, when opened, allows the execution of a malware. At the moment it appears that at least three blockchain-focused VC heavyweights have been targeted by this attack. The same email, but with Paradigm Capital mentioned, was sent by evildoers at Sino Global Capital, Sneaky Ventures, and County Capital. In addition, on October 29, 2021, $ 60 million of investors were stolen in a still-early stage DeFi project, Anubis DAO.
The latter, through official representatives, have been keen to officially clarify that their product does not have SAFT, and therefore these emails are part of an obvious “keylogging” type phishing scam. As always, the moral is therefore not to open attachments or click on links in emails that are unexpected and not justified by our previous actions and to pay the utmost attention to what you do on your computer, especially when it concerns money, whether real or digital.