Crypto Website Phishing Attack Targets MetaMask Users

Key Insights:

  • CoinGecko and Etherscan were among the websites compromised.

  • MetaMask users faced a dodgy popup for the BAYC NFT collection.

  • Malicious code in an advertising script caused the commotion.

Users of the popular Web3 crypto wallet MetaMask have been targeted in a phishing attack resulting in a handful of high-profile crypto websites being compromised.

This comes at the end of a dreadful week that saw the world’s third-largest stablecoin collapse, America’s biggest exchange Coinbase go down again, and crypto markets lose $400 billion.

The attack was reported by various sources, including decentralized finance channel DeFiPrime, which stated that Etherscan and CoinGecko were among those compromised by suspicious popups.

When visiting certain websites, MetaMask users would get a pop-up prompting them to take action or approve a transaction. The websites began warning users over these popups once they were discovered.

Coinzilla Culprit

On May 14, CoinGecko posted a notice reporting that a malicious ad script from crypto ad network Coinzilla had caused the attack. It added that the script has been disabled and warned users not to connect their MetaMask wallets to the data analytics portal.

A phishing attack is a targeted attack on a particular group, in this case, crypto wallet users. Some pop-ups disseminated malicious links to popular NFT projects such as the Bored Ape Yacht Club. The dodgy domain had been taken down at the time of writing.

Etherscan, a popular Ethereum blockchain tracker, warned that “we’ve received reports of phishing popups via a 3rd party integration and are currently investigating. Please be careful not to confirm any transactions that pop up on the website.”

Another crypto-based app website called DexTools was also compromised. “We are disabling all ads until the situation is clarified by @adsbycoinzilla,” it stated before warning, “please be aware and don’t sign suspicious requests at your wallet.”

Crypto Phishing Attacks on The Rise

Dodgy advertising scripts have been used before to target cryptocurrency users. In November, a phishing attack that used Google Ads was identified as it attempted to steal credentials or trick users into logging into the attacker’s wallet so they would become the new recipient of any transactions.

Google and Facebook (now Meta) have both been manipulated by malicious actors to display scam crypto advertising that lures users into divulging personal information or enabling wallet access.

In February, another phishing attack targeted NFT marketplace OpenSea and resulted in the theft of $1.7 million worth of NFTs from platform users.

MetaMask users have also been previously targeted with scammy emails disguised as verification requests from the crypto wallet.

Furthermore, customers of the French hardware wallet firm Ledger have been inundated with phishing emails and scams following a massive data breach on company servers in 2020.

This article was originally posted on FX Empire

