Technology

A series of popular cryptocurrency websites were hacked


Popular cryptocurrency websites suffer from phishing attacks, tricking users into connecting to their MetaMask wallet addresses right on the website.

E-wallets are cryptographic software that can be accessed by phone or through a browser. Popular crypto data sites such as CoinGecko, Etherscan, DeFi Pulse and several others were targeted by this attack.

According to CoinDesk, the phishing attack, in the form of a pop-up ad, links to a domain that looks like Bored Ape Yatch, the hit NFT project, with an ape skull logo. Currently this domain name (nftapes.win) has been disabled.

Bobby Ong, founder of CoinGecko, said that they are investigating the cause of the attack to patch the bug. Ong also attributed the problem to the malicious advertising script of Coinzilla, a cryptocurrency advertising network.

“The incident was most likely caused by a malicious advertisement by Coinzilla, a crypto advertising network, and we have now disabled it. The company is also closely monitoring the situation,” Ong said.

Meanwhile, the Etherscan site quickly asked users not to confirm any transactions that appeared on the website.

Last year, security firm Check Point Research discovered a phishing attack that used Google ads to steal users’ credentials or trick them into logging into an attacker’s wallet to perform malicious attacks. transaction.

Another phishing attack against OpenSea in February stole $1.7 million worth of NFTs.

Vinh Ngo

.

Leave a Reply

Your email address will not be published. Required fields are marked *