"Hackers Are Breaching Scam Sites to Hijack Crypto Transactions"

Water Labbu is a threat actor who is hacking into cryptocurrency scam sites to inject malicious JavaScript that steals funds from the scammer's victims. The FBI issued a warning in July about scam decentralized applications (dApps) that impersonated cryptocurrency liquidity mining services but stole the victim's cryptocurrency investments. When an investor lends their cryptocurrency to a decentralized exchange in exchange for high rewards, which are typically generated through trading fees, this is referred to as liquidity mining. Water Labbu hacks into these types of fake dApp sites and injects JavaScript code into the site's HTML rather than creating their own. The hackers do not interact with the victims, instead leaving all social engineering to the scammers. When an investor connects their wallet to the dApp, Water Labbu's script detects if it contains many cryptocurrency holdings and attempts to steal them using the methods described below. Water Labbu, according to the analysts, has compromised at least 45 scam websites, the majority of which follow the "lossless mining liquidity pledge" theme. According to Trend Micro, Water Labbu's profit is estimated to be at least $316,728 based on transaction records from nine identified victims. This article continues to discuss Water Labbu hacking scam sites to take over cryptocurrency transactions. 

Bleeping Computer reports "Hackers Are Breaching Scam Sites to Hijack Crypto Transactions"