www.banklesstimes.com
HomeNewsBreaking: Phishing Attack Targets Leading Crypto Sites
Breaking: Phishing Attack Targets Leading Crypto Sites

Breaking: Phishing Attack Targets Leading Crypto Sites

Last updated 14th May 2022
Disclosure
  • Malicious pop-up is prompting users to connect their MetaMask wallets
  • Phishing attack stems from a domain displaying the Bored Ape Yacht Club logo

Leading crypto data websites Etherscan, CoinGecko, DeFi Pulse and others have suffered incidents of a malicious pop-up prompting users to connect their MetaMask wallets, CoinDesk reported early this morning.

Attack came from BAYC-linked domain

The phishing attack appeared to stem from a domain displaying the Bored Ape Yacht Club (BAYC) logo. CoinDesk reported further than the site linked to the domain seemed to have been taken down at time of publication.

A WHOIS lookup showed that the domain was registered around 3 PM ET on May 13.

In a tweet, Etherscan urged users to exercise caution:

We’ve received reports of phishing popups via a 3rd party integration and are currently investigating. Please be careful not to confirm any transactions that pop up on the website.

CoinGecko tweeted:

If you are on the CoinGecko website and you are being prompted by your Metamask to connect to this site, this is a SCAM. Don't connect it. We are investigating the root cause of this issue.

CoinGecko founder Bobby Ong told CoinDesk in a Telegram message:

We are investigating the cause of this attack to fix it as soon as possible. The situation is most likely caused by a malicious ad script by Coinzilla, a crypto ad network - we have disabled it now. We are monitoring the situation further.

Bankless Times is monitoring reports on the news and all relevant developments.

Daniela Kirova

Daniela Kirova

Daniela is a writer at Bankless Times, covering the latest news on the cryptocurrency market and blockchain industry. She has over 15 years of experience as a writer, having ghostwritten for several online publications in the financial sector.