Fake crypto trading - warmReminder

Detects a malicious DApp that requires injected Web3 to gain access to the fake trading and mining offers.

References

IOK Rule (edit)

title: Fake crypto trading - warmReminder

description: |
    Detects a malicious DApp that requires injected Web3 to
    gain access to the fake trading and mining offers.

references:
    - https://urlscan.io/result/33f225d1-1e30-4cd9-90ef-4ae9997dd1e0/
    - https://urlscan.io/result/1d1bd4d6-ba35-4a2f-8569-c0744ee94e7c/
    - https://urlscan.io/result/4c4bee6c-bac3-474d-9ed5-db806907900e/
    - https://urlscan.io/result/7ccbfda1-2eae-4ab3-bc73-4950dabe5c17/
    - https://urlscan.io/result/7578b04d-0917-4005-8b07-e382bd330815/

detection:

    identifier:
      js|contains|all:
        - "Warm reminder"
        - "Please visit in wallet"
        - "You are currently visiting a decentralized website, please run it in the wallet application"
        - "index"
        - "futures"
        - "dealNav"
        - "orderHistory"
        - "financeHistory"
        - "miningDetails"

    condition: identifier

tags:
  - cryptocurrency