Just as stablecoins have crashed this week as not bad for many cryptocurrency owners and Coinbase is experiencing a blackout in a particularly bad time, they are now known to be the target of a new phishing attack. As reported by coin desk And block cryptoSites including Etherscan, coin geckoAnd dex tool Everyone has warned users that they know they’re seeing suspicious pop-ups and advised them not to confirm transactions based on pop-ups.
Like many recent phishing attacks, this one also appears to promise a monkey skull logo and a link to the Bored Ape Yacht Club project with the (now disabled) nftapes.win domain. Users hooked up a MetaMask wallet (a software cryptocurrency wallet accessible through a mobile phone or browser extension) and enticed them to use it on the site, and many people fell for it and gained access because it appeared on a domain they trust and use every day. .
Update: This situation was caused by a malicious ad script from Coinzilla, a crypto ad network. I disabled it for now, but there may be some delays due to CDN caching. We are further monitoring the situation. Be careful and do not link Metamask to CoinGecko. https://t.co/NY0ppKecIG
— CoinGecko (@coingecko) May 13, 2022
Last November, security firm Check Point Research identified a phishing attack that used Google Ads to steal someone’s credentials or trick them into logging into an attacker’s wallet to receive every transaction they tried. In February, a phishing attack stole $1.7 million worth of NFTs from OpenSea users, but a recent attempt via Discord only stole $18,000 worth of tokens.
Etherscan said it has disabled third-party integrations for the time being. tweets from coin gecko Identifies the source of the malicious pop-up as Coinzilla, an industry advertising network told the customer Over 600 reputable sites that are popular with cryptocurrency enthusiasts can provide over 1 billion impressions per month.
Etherscan has taken immediate action to temporarily disable that third-party integration.
— “Etherscan” (@etherscan) May 13, 2022