After Crypto Crash: Phishing attacks attack crypto wallets
The last week has already been terrible enough for cryptocurrency owners anyway. Now hackers are also attacking crypto wallets with nasty phishing attacks. So far, several websites, including Etherscan and DexTools, have confirmed crypto fraud attempts and issued warnings not to connect wallets.
Hackers Attack Crypto Wallets
CoinGecko issued a fraud alert on Twitter on May 14. It states::
“Security Warning: If you are on the CoinGecko website and your Metamask asks you to connect to this website, it is a SCAM. Do not connect them. We are currently investigating the cause of this issue.“
Security Alert: If you are on the CoinGecko website and you are being prompted by your Metamask to connect to this site, this is a SCAM. Don’t connect it. We are investigating the root cause of this issue. pic.twitter.com/7vPfTAjtiU
– CoinGecko (@coingecko) May 13, 2022
The scammers behind the phishing attack have pretended that the users would access the most important NFT avatar, the Bored Ape Yacht Club, by clicking on the given link.
And to make the whole thing even more realistic, the pop-ups showed a monkey skull logo next to the now deleted domain nftapes.win. According to the WHOIS query, the domain from which the phishing attacks originated was registered around 3:00 PM ET on Friday.
The ad prompted users to connect their MetaMask wallets in order to use them on the site. Web 3.0 technology allows MetaMask wallets to authorize access to sites through smartphones and browser extensions.
And since the scammers managed to place questionable advertising scripts on reputable sites that have a trusting relationship with their audience, many users fell into the trap. They granted access to their wallets.
CoinGecko reconfirmed the cause of this situation:
“Update: The situation is caused by a malicious ad script from Coinzilla, a crypto advertising network. We have disabled it now, but there may be a delay due to CDN caching. We continue to monitor the situation. Stay alert and don’t connect your metamask to CoinGecko.“
Crypto Growth Favors Phishing Attacks
The crypto sector has become the preferred choice of cybercriminals. Last November, for example, they conducted a phishing attack through Google ads. They wanted to steal login data from users and make them log in to the attacker’s wallet.
Thus, the latter was able to receive transactions from the victim’s wallet. Similarly, hackers stole $1.7 million worth of NFTs through OpenSea in February and $18,000 in the most recent attack through Discord.
When the fraud was discovered, Etherscan temporarily blocked integration with third parties. In addition, Dex Tools told its community that Coinzilla, an advertising network that claims to deliver over 1 billion impressions per month on 600 reputable crypto sites, was the source of the recent phishing attack.
Dex Tools tweetete:
“We are disabling all ads until the situation of @adsbycoinzilla is clarified. Please be attentive and do not approve suspicious requests from your wallet. DEXTools does not automatically request any permissions.“
Text credit: Bitcoinist
Top Brokers for Buying and Trading Cryptocurrencies
- Go to the offer
Crypto Launchpad: The Best Telegram Group!
- Neutral market analyses
- Summarized daily: the winners/losers of the last 24h
- All about the current NFT hype
Lucky Block: Best Cryptocurrency 2022!
- Crypto lottery where everyone is a winner!
- Based on blockchain protocols
- No fees, 100% payout percentage
Defi Coin (DEFC): Best Defi Coin 2022!
- DeFi Coin with the Most Potential in 2022
- Reflection, LP acquisition and Token Burn ensures long-term tokenomics
- 1.000%-Rally possible!
Cryptocurrencies are a very volatile, unregulated investment product. Your capital is at risk.