Several users of cryptocurrency data platforms like CoinGecko, EtherScan and Dextools were on Friday subject to a phishing attack. Complaints from multiple users alerted that popups appeared on the platforms asking to connect their Metamask wallets.
Phishing Attack Alerts
Following this, CoinGecko tweeted, “Security Alert: If you are on the CoinGecko website and you are being prompted by your Metamask to connect to this site, this is a SCAM. Don’t connect it. We are investigating the root cause of this issue.”
In a subsequent update, CoinGecko said the phishing attack was caused by a malicious ad script by Coinzilla. “The situation is caused by a malicious ad script by Coinzilla, a crypto ad network – we have disabled it now but there may be some delay due to CDN caching. We are monitoring the situation further. Do stay on alert and don’t connect your Metamask on CoinGecko.”
Probe On Phishing
Etherscan, an analytics platform for Ethereum, tweeted,
“We have received reports of phishing popups via a 3rd party integration and are currently investigating. Please be careful not to confirm any transactions that pop up on the website. Interim we’ve taken immediate action to disable the said 3rd party integration on Etherscan.”
Similarly, reacting to an alert to not sign any requests delivered to Metamask wallets, Dextools, a DeFi app, said it was disabling all ads until the situation is clarified by Coinzilla. “Please be aware and don’t sign suspicious requests at your wallet. DEXTools does not automatically request any permissions.”
The latest attack adds to the growing number of hacking and phishing instances in the crypto space. Apart from prominent crypto platforms that were subject to hacking, crypto wallets have also been targetted by the perpetrators.
According to statistics from Chainalysis, an estimated $14 billion was siphoned off in various crypto-related security breaches in 2021.
The presented content may include the personal opinion of the author and is subject to market condition. Do your market research before investing in cryptocurrencies. The author or the publication does not hold any responsibility for your personal financial loss.
Source: https://coingape.com/major-phishing-attack-targets-users-on-crypto-data-sites/