Phishing attack popup targeting metaverse users after crypto slump


Last week, with the market crashing and Binance suspended during those difficult times, it turned out to be horrendous for crypto owners, though. Nasty phishing attacks The popup is designed to target users of the metaverse of popular crypto sites. So far, several sites, including Etherscan and DexTools, have been known to have seen cryptocurrency scam ads and sent out warnings not to link wallets.

CoinGecko has issued a fraud alert via: Twitter On May 14th it reads:

Security Warning: If you are on the CoinGecko website and MetaMask asks you to connect to this site, this is your SCAM. Do not connect. We are investigating the root cause of this issue.

Read Related | LUNA Investors ‘Suicide’ After Crypto Crash – Do Kwon Says He Was ‘broken’

The crooks behind the phishing attack disguised as users clicking on a link provided to access their most important NFT avatar, the Bored Ape Yacht Club. And to make it a reality, Recommendation popup There is a monkey skull logo next to the now-defunct domain nftapes.win. According to a WHOIS lookup, the domain from which the phishing attack was generated was registered around 3pm on Friday. Eastern Standard Time

Ads required users to link a MetaMask wallet to use on the site. Web 3.0 technology allows the MetaMask wallet to authorize access to websites via smartphones and browser extensions. And because scammers have placed inappropriate advertising scripts on reputable sites with which they have a trusting relationship with their audience, many users have fallen into a trap and have gained access to their wallets.

CoinGecko detailing the cause of this situation Confirm:

Update: This situation is caused by a malicious ad script from Coinzilla, a crypto ad network. I disabled it for now, but there may be some delays due to CDN caching. We are further monitoring the situation. Be careful and do not link Metamask to CoinGecko.

Bitcoin price is currently trading below $30,000. | Source: BTC/USD price chart TradingView.com

Phishing attacks have been on the rise since cryptocurrency growth.

Since the crypto sector has become a top priority for cybercriminals, a phishing attack via Google Ads last November was carried out to steal users’ credentials and force them to log into the attacker’s wallet to receive committed transactions from the victim’s wallet. I did. Similarly, hackers stole $18,000 in NFTs worth $1.7 million and their most recent attack via Discord in February.

Read Related | OpenSea has identified a phishing attack affecting multiple users. The facts are:

When the publication discovered fraud, Etherscan temporarily blocked integration with third parties. Dex Tools also informed the community that Coinzilla, an advertising network that claims to deliver over 1 billion impressions per month across 600 reputable crypto sites, has recently become a source of phishing attacks.

dex tool Tweet;

Disable all ads until things become clear. @adsbycoinzilla . Do not sign suspicious requests from your wallet. DEXTools does not automatically ask for permission.

Featured image from Pixabay and chart from TradingView.com



Leave a Comment