As if this week wasn’t bad enough for many cryptocurrency owners, with stalking coins crashing and Coinbase suffering a downtime in a particularly bad time, now they have reportedly been targeted by a new phishing attack. As reported by CoinDesk and The Block Cryptwebsites included Etherscan, CoinGeckoand DexTools all warned users that they were aware of suspicious popups appearing for visitors, and advised them not to confirm any popup-based transactions.
Like many recent phishing attacks, this one seemed to promise a link to the Bored Ape Yacht Club project, with a monkey skull logo and (now disabled) nftapes.win domain. It has encouraged users to connect their MetaMask wallets (a software wallet that allows access to your phone or browser extension) for use on the web, and because it has appeared on domains that many people trust and use every day, they may have. fell in love with it and gave it access.
Update: The situation is caused by a malicious ad script from Coinzilla, a crypto advertising network – we have disabled it now but there may be some delay due to CDN cache. We are further monitoring the situation. Stay tuned and don’t connect your Metamask on CoinGecko. https://t.co/NY0ppKecIG
– CoinGecko (@coingecko) May 13, 2022
Last November, security firm Check Point Research identified a phishing attack using Google Ads that would either try to steal someone’s credentials or trick them into logging into the attacker’s wallet to get any transactions they tried. In February, a phishing attack stole $ 1.7 million in NFTs from OpenSea users, while a more recent attempt by Discord only captured $ 18,000 in tokens.
Etherscan said it has disabled third-party integrations for the time being. Tvito de CoinGecko identified the source of the malicious popup as Coinzilla, an industrial advertising network that told customers it could deliver more than 1 billion impressions a month through more than 600 reputable websites popular with crypto enthusiasts.
In the meantime, we have taken immediate action to disable the aforementioned 3rd integration in Etherscan.
– “The Etherscan” (@etherscan) May 13, 2022