Phishing attack pop-up targeting MetaMask users visiting popular cryptocurrency sites

Just as stablecoins have crashed this week as not bad for many cryptocurrency owners and Coinbase is experiencing a blackout in a particularly bad time, they are now known to be the target of a new phishing attack. As reported by coin desk And block cryptoSites including Etherscan, coin geckoAnd dex tool Everyone has warned users that they know they’re seeing suspicious pop-ups and advised them not to confirm transactions based on pop-ups.

Like many recent phishing attacks, this one also appears to promise a monkey skull logo and a link to the Bored Ape Yacht Club project with the (now disabled) domain. Users hooked up a MetaMask wallet (a software cryptocurrency wallet accessible through a mobile phone or browser extension) and enticed them to use it on the site, and many people fell for it and gained access because it appeared on a domain they trust and use every day. .

Last November, security firm Check Point Research identified a phishing attack that used Google Ads to steal someone’s credentials or trick them into logging into an attacker’s wallet to receive every transaction they tried. In February, a phishing attack stole $1.7 million worth of NFTs from OpenSea users, but a recent attempt via Discord only stole $18,000 worth of tokens.

Etherscan said it has disabled third-party integrations for the time being. tweets from coin gecko Identifies the source of the malicious pop-up as Coinzilla, an industry advertising network told the customer Over 600 reputable sites that are popular with cryptocurrency enthusiasts can provide over 1 billion impressions per month.

Leave a Comment