Cryptocurrency owners have once again been warned to be wary of scammers after discovering a new phishing attack. Visitors to many popular cryptocurrency websites, such as Etherscan, CoinGecko, and DexTools, are experiencing suspicious popups.
The attack appears to have targeted MetaMask cryptocurrency wallets, which allow users to access their crypto holdings on their mobile device or browser and use the infamous board Ape Yacht Club logo to prove and disprove its legitimacy.
In addition to the frustrating app logo, the popup asks the victim to “connect with Metamask”, trying to deceive them that this ad is a legitimate part of the site. Its purpose is to redirect victims to a malicious domain that will empty the user’s crypto wallet without any hope of recovery.
Affected sites acted quickly after Etherscan warned users that it had disabled third-party integrations on its website and would not confirm any transactions appearing in the popup. The CoinGecko industry advertising network identified Coinzilla as the source of the malicious pop-up and even removed it from its site.
The news came amid a long series of scams and fraud attacks targeting crypto owners, which have now reached tens of millions. Back in March 2022, ESET discovered a scam campaign that used malicious apps distributed through fake websites to steal bitcoin and other cryptocurrencies from suspicious users.
Malicious apps mimic popular cryptocurrency wallets such as Metamask, Coinbase, Trust Wallet, TokenPocket, Bitpie, imToken, and OneKey, and even publish legitimate websites with articles that mislead fraudulent websites that distribute copycat wallet apps.
Earlier this year, hundreds of millions of dollars worth of cryptocurrency was stolen from the Ronin network, which provides the “blockchain bridge” that powers the NFT game Axi Infinity.
