X @1inch

RT zeroShadow (@zeroshadow_io)We've been tracking an active malware campaign targeting Web3 customer support teams.Attackers pose as customers in live chat and send links disguised as screenshots. One click installs a multi-stage backdoor attributed with moderate confidence to APT-Q-27.@1inch security caught this early before any damage was done and brought it to us to investigate. That prompt action is exactly why this report exists.Full report: malware analysis, IOCs, detection rules, and guidance for CS ...