According to online reports, Yi Xian, founder of Slow Fog, said that to verify the WeChat account theft situation, the attacker uses the leaked account password (there is a probability of finding various leaked data), combined with the target user's frequent friends (even just adding friends, people who have interacted in the group), to obtain a 6-digit Captcha to implement account theft. Attackers often close the Internet late at night, focusing on off-site U transaction fraud in the currency circle. It is recommended that WeChat add friends carefully, change passwords in a timely manner, and pay attention to WeChat's abnormal login risk warnings.