SlowMist: Beware of browser history pollution attacks, malicious software attacks are on the rise again

BlockBeats News, December 31 — SlowMist released an analysis of security incidents in Q4 2025, which mentioned a new, more covert phishing method: even if users manually input the correct official domain, they may still be redirected to a phishing website. Some victims reported that despite entering the correct address, their browser automatically completed it as a spoofed domain forged by attackers. This is not due to user error, but because attackers previously polluted the browser’s history through ads, social media guidance, or false announcements. Once the phishing domain is stored in the browser’s autocomplete logic, the next time the user inputs that address, the browser will automatically redirect to a nearly identical fake website that mimics the official site. Additionally, malware attacks on computers are resurging. Attackers often use phishing links, private messages in social tools, or so-called “resource downloads” to stealthily implant malicious programs into the user’s local environment. Once infected, data related to wallets faces risks.