Popular cryptocurrency analysis platforms Etherscan and CoinGecko have simultaneously issued an alert about an ongoing phishing attack on their platforms. The companies began investigating the attack after numerous users reported unusual MetaMask pop-ups asking users to connect their crypto wallets to the website.
According to analytics firms, the latest phishing attack attempts to access user funds by asking them to integrate their crypto wallets via MetaMask once they access official websites.
Security Warning: If you are on the CoinGecko website and your metamask asks you to connect to this website, it is a scam. Don’t connect it. We are investigating the cause of this problem. pic.twitter.com/7vPfTAjtiU
— CoinGecko (@coingecko) May 13, 2022
Security Warning: If you are on the CoinGecko website and your metamask asks you to connect to this website, it is a scam. Don’t connect it. We are investigating the cause of this problem.
Etherscan further revealed that the attackers managed to display phishing pop-ups via the third-party integration and advised investors not to confirm any transactions requested by MetaMask.
We’ve received reports of phishing pop-ups via a third-party integration and are currently investigating.
Please be careful not to confirm any transactions that appear on the website.
— Etherscan (@etherscan) May 13, 2022
We’ve received reports of phishing via a third-party integration and are currently investigating.
Be careful not to confirm any transactions that appear on the website.
Crypto Twitter member @Noedel19 pointed to the possible cause of the attack, attributing and explaining the ongoing phishing attacks to the compromise of Coinzilla, an advertising and marketing agency “Every website using Coinzilla Ads is compromised.”
The screenshots shared below show the automated MetaMask pop-up requesting a connection to the link falsely posing as a Bored Ape Yacht Club (BAYC) Non-Fungible Token (NFT) offering.
On May 4, Cointelegraph warned readers of the rise in monkey-themed phishing scams, compounded by recent warnings from Etherscan and CoinGecko.
While an official confirmation from Coinzilla is still in the works, @Noedel19 suspects that all companies that have ad integration with Coinzilla remain at risk of similar attacks where their users receive pop-ups for MetaMask integration.
As a primary mitigation tool, Etherscan has disabled compromised third-party integrations on its website.
Within hours of the above event, Coinzilla informed Cointelegraph that the issue had been identified and fixed, and clarified that services were not impacted:
“A single campaign containing malicious code made it through our automated security checks. It ran for less than an hour before our team stopped it and suspended the account.”
While noting that no advertiser or publisher was to blame, Coinzilla revealed plans to go on the offensive, stating:
“Ad code was inserted from an external source via an HTML5 banner. We will be working closely with our publishers to help affected users identify the individual behind the attack and take appropriate action.
The team behind BAYC recently warned investors of an attack after discovering hackers had compromised their official Instagram account.
There’s no Mint going today. It looks like BAYC Instagram has been hacked. Don’t mint anything, don’t click links, and don’t associate your wallet with anything.
— Bored Ape Yacht Club (@BoredApeYC) April 25, 2022
No coins are minted today. Looks like BAYC’s Instagram has been hacked. Don’t mint anything, click on links or link your wallet to anything.
As Cointelegraph reported on April 25, hackers managed to gain access to BAYC’s official Instagram account. Then himHackers contacted BAYC followers on Instagram and shared links to fake airdrops.
Users who had connected their MetaMask wallets to the scam website were later stripped of their Ape NFTs. Unconfirmed Reports recommend that around 100 NFTs were stolen during the phishing attack.
Clarification: The information and/or opinions expressed in this article do not necessarily represent the views or editorial line of Cointelegraph. The information contained herein should not be construed as financial or investment advice. All investment and trading movements involve risk and it is the responsibility of each person to conduct their proper research before making any investment decision.
Investing in crypto assets is not regulated. They may not be suitable for retail investors and you may lose the entire amount invested. The services or products offered are not intended for and are not accessible to investors in Spain.