After its users were caught up in a malicious ad script, MetaMask, a famous Web3 crypto wallet, became a victim of a phishing attack. This attack has led to the compromise of several high-profile crypto wallets.
The phishing attack came as the cryptocurrency ecosystem faced several challenges, including declining market value. This week has been a tough and delicate crypto world. First, the biggest exchange, Coinbase in America, the third-largest stablecoin globally, collapsed. As a result, the crypto market lost over $400 billion.
According to the decentralised finance channel, DeFiPrime, CoinGecko, and Etherscan were also victims of the targeted phishing attack. Usually, when visiting a website, users of MetaMask get a prompt that pops up in between their perusing the site.
Phishing Attacks on the Rise!
On Saturday, May 14th, a report was circulated by CoinGecko stating that a harmful ad script had been posted on the platform. According to the report, the malicious ad was posted by Coinzilla, a crypto ad network. Although there was a claim that the ad had been disabled, it was advised not to link wallets back to the platform until the portal is considered safe for use.
In this case, crypto wallet users were specifically targeted in the phishing attack. Malicious links were shared to popular NFT projects through some popups in the form of ads. One of the NFT projects is the Bored Ape Yacht Club.
According to the statement gotten from Etherscan, “We’ve received reports of phishing popups via a 3rd party integration and are currently investigating.” Please be careful not to confirm any transactions that pop up on the website. “
DexTools, another crypto-based app website that was also compromised, warned its users not to confirm any transactions until the coast was clear. In addition, as a further means of protecting users, the platform has disabled all ads.
Google and Facebook have been manipulated at some point by these actors, which is similar to what is experienced by other major platforms. The popular NFT marketplace, OpenSea, has also been a victim of phishing attacks that resulted in a large loss in value and volume.