Users targeted by phishing attack via apparent malicious ad code on crypto data sites

advertisement

UPDATE (6:15 p.m. ET): In a follow-up message, CoinGecko said that its investigation pointed to crypto ad platform Coinzilla as the source of the phishing attack code, saying:

"The situation is caused by a malicious ad script by Coinzilla, a crypto ad network - we have disabled it now but there may be some delay due to CDN caching. We are monitoring the situation further. Do stay on alert and don't connect your Metamask on CoinGecko."

The headline of this report has been updated.


Word emerged late Friday afternoon about an apparent phishing attack targeting users of popular crypto data sites like Etherscan and CoinGecko.

Affected users received prompts to connect their MetaMask wallets to a website called “nftapes.win”.

In a tweet, CoinGecko said: “If you are on the CoinGecko website and you are being prompted by your Metamask to connect to this site, this is a SCAM. Don't connect it. We are investigating the root cause of this issue.”

Etherscan said in a tweet on the matter: We’ve received reports of phishing popups via a 3rd party integration and are currently investigating. Please be careful not to confirm any transactions that pop up on the website.”

"Interim we've taken immediate action to disable the said 3rd party integration on Etherscan," the site said in a subsequent tweet. 

Though the precise cause has not been confirmed, initial indications suggest that malicious code via ads on the affected sites is the vector for the phishing attack.

DexTools, another crypto-focused app site, is also affected. In its tweet, DexTools appeared to blame a crypto ad platform known as Coinzilla. 

"We are disabling all ads until the situation is clarified by @adsbycoinzilla. Please be aware and don't sign suspicious requests at your wallet. DEXTools does not automatically request any permissions."

This is a breaking news story and will be updated as more information becomes available.

Trending Stories

Get Your Crypto
Daily Brief

Delivered daily, straight to your inbox.

Will Sanctions Drive Russia into the Arms of Cryptocurrencies?

From the removal of many Russian banks from SWIFT to a seemingly constant flow of new sanctions, Russia’s invasion of Ukraine has left many to wonder: Is the country likely to lurch towards cryptocurrencies? And if so, what does this mean for businesses that are holding and/or using crypto? Crypto and sanctions evasion Although crypto […]
Read Full Story
Sponsored Post

Layer-2 Scaling Solutions: A Framework for Comparison - Commissioned by Polygon

Ethereum had a breakout year in 2021. It’s native asset, ETH’s, market capitalization surpassed $500 billion for the first time. Its network facilitated upwards of $7 trillion value transfer. Non-fungible tokens (NFTs) emerged as another “killer application” that have put its technology on the global stage and caught the attention of the masses.
Read Full Story
May 5, 2022, 3:17PM UTC
More