While examinations are ongoing, it is possible that the currently undertaken attack on different crypto platforms is linked to the hacking of Coinzilla, a marketing and advertising business.
Etherscan and CoinGecko, the two most popular crypto monitoring services, have both sounded the alarm about a phishing attack. Several customers reported unexpected MetaMask pop-ups urging them to link their crypto wallets to the website, forcing the companies to launch an investigation.
According to the data provided by the monitoring firms, the recent hacking effort tries to obtain insight into customers' funds by proposing that they link their crypto wallets using MetaMask once they visit the official websites.
Etherscan also disclosed that the fraudsters used a third-party interface to generate phishing pop-ups, and warned traders to avoid approving any transactions requested by MetaMask.
A user of Crypto Twitter, linked the continuous phishing assaults to Coinzilla, claiming that "Any website that uses Coinzilla Ads is exposed to the malware." An automated MetaMask pop-up requesting you to connect with a link that fraudulently claims to be a non-fungible token (NFT) offered from Bored Ape Yacht Club. The source cautioned readers about the surge in Ape-themed airdrop phishing frauds, which is backed up by recent alerts from Etherscan and CoinGecko.
While formal certification from Coinzilla is still pending, sources believe that all organizations with Coinzilla ad interaction are still vulnerable to similar assaults in which their users are bombarded with pop-ups requesting MetaMask inclusion.
Etherscan has stopped the affected third-party integration on its website as a key strategy of damage mitigation.
After hackers were discovered to have hacked into BAYC's official Instagram account, the company issued a warning to investors. Sources claimed that hackers had gained access to BAYC's official Instagram account. The hackers then emailed BAYC's Instagram followers with phoney airdrop URLs.
Ape NFTs were later drained from users that connected their MetaMask wallets to the fake website. According to unconfirmed sources, the phishing attack resulted in the theft of around 100 NFTs.
Mobile app Rating
Share