SlowMist: Beware of Browser History Manipulation Attacks, Malware Attacks on the Rise

BlockBeats News, December 31st, SlowMist released the Fourth Quarter 2025 Security Incident Analysis, which mentioned a new, more covert phishing method: even if the user manually enters the correct official domain name, they may still be redirected to a phishing website. Some victims reported that despite entering the correct address, the browser automatically completed it to the attacker's forged fake domain name. This was not due to user operation errors, but rather because the attacker had previously polluted the browser's history through advertisements, social media guidance, or false announcements. Once the phishing domain name is stored in the browser's autocomplete logic, the next time the user enters that address, the browser will automatically redirect to a fake website that is almost indistinguishable from the official website.

In addition, computer malware attacks are on the rise again. Attackers usually implant malicious programs into users' local environments stealthily through phishing links, private messages in social tools, or so-called "resource downloads." Once a device is infected, data related to wallets is at risk.