Trusted

Crypto Data Aggregator Websites Targeted in New Phishing Attempts

2 mins
Updated by Ryan Boltman
Join our Trading Community on Telegram

In Brief

  • The websites of CoinGecko, Etherscan, and Dextool, had a phishing attack ad prompt asking users to connect their MetaMask wallet.
  • The phishing code was integrated into the ad from a popular crypto ad network, Coinzilla.
  • Coinzilla says it is working to identify the person behind the attack.
  • promo

CoinGecko and Etherscan users were targets of phishing attacks yesterday. Those on the crypto data aggregator websites were prompted to connect their MetaMask wallet to the nftapes.win website.

CoinGecko tweeted a warning to its users to be wary of any prompts asking them to connect their wallet to the site, saying that it is a scam.

Etherscan also rehashed this warning to its users, while revealing that it had disabled third-party integration into the platform immediately. 

The websites have since updated their information, explaining the reason behind the attack. Investigations show that the phishing code was integrated into the ad from a popular crypto ad network, Coinzilla. 

According to Coinzilla’s statement, the phishing attack lasted for less than one hour, and its team would “manually review and recreate all the creatives used by our clients” to avoid a future recurrence. It also mentioned that it would be working to identify the person behind the attack.

FrankResearcher, the director of Research at The Block, explained that the attacker “wanted to get tokens approvals or perform swaps through DEXs to their address.” Another crypto expert, Jon_HQ, expressed his surprise that the attack worked, given its simplicity. 

He advised those who might have interacted with the ad to revoke access immediately. The security expert also mentioned the need to use Adblockers and move valuable NFTs from any wallet signed into the ad.

Phishing Attempts are Growing in Crypto

Phishing attacks have become quite common in the crypto space in recent months. With hackers perfecting ways to gain unauthorized access to users’ wallets, determining what is real and what is phishing has become more difficult. 

Recently, Solana-based lifestyle Dapp, STEPN, was the victim of a phishing attack spotted by PeckShield. Popular crypto hardware wallet, Trezor, was also targeted in a phishing attempt that looked genuine.

Industry experts have highlighted that these hackers now use social engineering strategies for phishing attacks. Unfortunately, this makes it difficult for victims to identify such attacks until they’ve lost their assets.

What do you think about this subject? Write to us and tell us!

Top crypto projects in the US | November 2024
Coinbase Coinbase Explore
Coinrule Coinrule Explore
Uphold Uphold Explore
3Commas 3Commas Explore
Chain GPT Chain GPT Explore
Top crypto projects in the US | November 2024
Coinbase Coinbase Explore
Coinrule Coinrule Explore
Uphold Uphold Explore
3Commas 3Commas Explore
Chain GPT Chain GPT Explore
Top crypto projects in the US | November 2024

Disclaimer

In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and ConditionsPrivacy Policy, and Disclaimers have been updated.

Oluwapelumi-Adejumo.png
Oluwapelumi Adejumo
Oluwapelumi Adejumo is a journalist at BeInCrypto, where he reports on a broad range of topics including Bitcoin, crypto exchange-traded funds (ETFs), market trends, regulatory shifts, technological advancements in digital assets, decentralized finance (DeFi), blockchain scalability, and the tokenomics of emerging altcoins. With over three years of experience in the industry, his works have been featured in major crypto media outlets such as CryptoSlate, Coinspeaker, FXEmpire, and Bitcoin...
READ FULL BIO
Sponsored
Sponsored