Etherscan and CoinGecko Warn About Ongoing MetaMask Phishing Attack

Popular crypto analytics platforms Etherscan and CoinGecko have simultaneously raised alerts for ongoing phishing attacks on their platforms. The companies began investigating the attack after numerous users reported unusual MetaMask pop-ups prompting users to connect their crypto wallets to the website.

According to information disclosed by the analytics firm, the latest phishing attack attempts to obtain user funds by requesting the integration of their crypto wallets via MetaMask after visiting the official website.

Etherscan further revealed that the attackers have managed to display phishing pop-ups via a third-party integration and advised investors not to confirm any transactions requested by MetaMask.

Crypto Twitter member @Noedel19 pointed to a possible reason for the attack, linking the ongoing phishing attack to the breach of advertising and marketing agency Coinzilla, saying “any website using Coinzilla ads was compromised.”

Compromised CoinZilla source code with phishing links. Source: @Noedel19

The screenshot shared below shows MetaMask’s automated pop-up asking for a link that was erroneously portrayed as a Bored Ape Yacht Club (BAYC) Non-Fungible Token (NFT) product.

CoinGecko website displays fake MetaMask popup. Source: @Noedel19

On May 4, Cointelegraph further warned readers Ape-themed airdrop phishing scams on the risethis is further cemented by the latest warnings issued by Etherscan and CoinGecko.

While the official confirmation from Coinzilla is still in the works, @Noedel19 suspects that all companies integrating with Coinzilla for advertising are still at risk of a similar attack, in which their users receive a popup for the MetaMask integration.

As a primary means of damage control, Etherscan has disabled compromised third-party integrations on its website.

Coinzilla has not responded to Cointelegraph’s request for comment.

related: Boring Ape Yacht Club NFT stolen in Instagram phishing attack

The team behind BAYC recently warned investors about the attack after it was discovered that hackers had compromised its official Instagram account.

As Cointelegraph reported on April 25, the hackers were able to gain access to BAYC’s official Instagram account. The hackers then contacted BAYC’s Instagram followers and shared a link to the fake airdrop.

Users who connected their MetaMask wallets to the scam site were subsequently drained of their Ape NFTs.unconfirmed reports Suggest About 100 NFTs were stolen during the phishing attack.