Phishing attack pop-up targets MetaMask users visiting popular crypto sites

As if this week wasn’t bad enough for many cryptocurrency owners, with stalking coins crashing and Coinbase suffering a downtime in a particularly bad time, now they have reportedly been targeted by a new phishing attack. As reported by CoinDesk and The Block Cryptwebsites included Etherscan, CoinGeckoand DexTools all warned users that they were aware of suspicious popups appearing for visitors, and advised them not to confirm any popup-based transactions.

Like many recent phishing attacks, this one seemed to promise a link to the Bored Ape Yacht Club project, with a monkey skull logo and (now disabled) nftapes.win domain. It has encouraged users to connect their MetaMask wallets (a software wallet that allows access to your phone or browser extension) for use on the web, and because it has appeared on domains that many people trust and use every day, they may have. fell in love with it and gave it access.

Last November, security firm Check Point Research identified a phishing attack using Google Ads that would either try to steal someone’s credentials or trick them into logging into the attacker’s wallet to get any transactions they tried. In February, a phishing attack stole $ 1.7 million in NFTs from OpenSea users, while a more recent attempt by Discord only captured $ 18,000 in tokens.

Etherscan said it has disabled third-party integrations for the time being. Tvito de CoinGecko identified the source of the malicious popup as Coinzilla, an industrial advertising network that told customers it could deliver more than 1 billion impressions a month through more than 600 reputable websites popular with crypto enthusiasts.