Popular crypto analytics platforms Etherscan and CoinGecko have simultaneously raised alerts for ongoing phishing attacks on their platforms. The companies began investigating the attack after numerous users reported unusual MetaMask pop-ups prompting users to connect their crypto wallets to the website.
According to information disclosed by the analytics firm, the latest phishing attack attempts to obtain user funds by requesting the integration of their crypto wallets via MetaMask after visiting the official website.
Security Alert: If you are on the CoinGecko website and your Metamask prompts you to connect to the website, this is a scam. Don’t connect it. We are investigating the root cause of this issue. pic.twitter.com/7vPfTAjtiU
— CoinGecko (@coingecko) May 13, 2022
Etherscan further revealed that the attackers have managed to display phishing pop-ups via a third-party integration and advised investors not to confirm any transactions requested by MetaMask.
We have received reports of phishing pop-ups via 3rd party integrations and are currently investigating.
Be careful not to confirm any transactions that pop up on the site.
— “Ether Scan” (@etherscan) May 13, 2022
Crypto Twitter member @Noedel19 pointed to a possible reason for the attack, linking the ongoing phishing attack to the breach of advertising and marketing agency Coinzilla, saying “any website using Coinzilla ads was compromised.”
The screenshot shared below shows MetaMask’s automated pop-up asking for a link that was erroneously portrayed as a Bored Ape Yacht Club (BAYC) Non-Fungible Token (NFT) product.
On May 4, Cointelegraph further warned readers Ape-themed airdrop phishing scams on the risethis is further cemented by the latest warnings issued by Etherscan and CoinGecko.
While the official confirmation from Coinzilla is still in the works, @Noedel19 suspects that all companies integrating with Coinzilla for advertising are still at risk of a similar attack, in which their users receive a popup for the MetaMask integration.
As a primary means of damage control, Etherscan has disabled compromised third-party integrations on its website.
Coinzilla has not responded to Cointelegraph’s request for comment.
The team behind BAYC recently warned investors about the attack after it was discovered that hackers had compromised its official Instagram account.
No mints today. Looks like BAYC Instagram has been hacked. Do not mint anything, click links or link your wallet to anything.
— Bored Ape Yacht Club (@BoredApeYC) April 25, 2022
As Cointelegraph reported on April 25, the hackers were able to gain access to BAYC’s official Instagram account. The hackers then contacted BAYC’s Instagram followers and shared a link to the fake airdrop.
Users who connected their MetaMask wallets to the scam site were subsequently drained of their Ape NFTs.unconfirmed reports Suggest About 100 NFTs were stolen during the phishing attack.