Several websites, including those of CoinGecko and Etherscan, have suffered attacks aimed at tricking users through phishing attempts. The event took place this weekend and serves as a reminder of the vigilance required in our ecosystem.
Sites like CoinGecko and Etherscan used for phishing
On Friday night, several cryptocurrency analysis websites such as CoinGecko and Etherscan were victims of a phishing attack.
A fraudulent advertisement served on these platforms was able to open users' MetaMask wallet, in the same way as happens when one visits a decentralized finance (DeFi) application.
Potential victims were then asked to sign a malicious transaction, leading them to believe that they had won a reward related to the Bored Ape Yacht Club (BAYC) franchise.
The flaw came from the services provided by the advertising company Coinzilla. The attacker reportedly embedded his code directly in one of the campaigns, so as to affect all the sites on which it was served. According to the company, the problem was identified and fixed within an hour:
“A single campaign containing a piece of malicious code managed to pass our automated security checks. It ran for less than an hour before our team stopped it and locked the account.”
There was, of course, no reward: the transaction instead gave permission to a smart contract whose goal was to empty the victims’ digital wallets.
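As an added illustration of the kind of permission grant described above (this is not code from CoinGecko, Etherscan, Coinzilla or MetaMask): the article does not say which contract call the victims were asked to sign, so this example assumes the standard token approval functions and uses constructed calldata. It decodes a transaction's data field and reports who would receive the permission and whether it is a blanket grant.

```javascript
// Selectors of the standard token functions that grant spending rights.
const APPROVAL_SELECTORS = {
  "095ea7b3": "approve(address,uint256)",
  "39509351": "increaseAllowance(address,uint256)",
  "a22cb465": "setApprovalForAll(address,bool)",
};
const MAX_UINT256 = (1n << 256n) - 1n;

// Returns null if the calldata is not a recognised approval; otherwise says
// who receives the permission and whether it is a blanket grant.
function describeApproval(calldata) {
  const hex = String(calldata).toLowerCase().replace(/^0x/, "");
  if (hex.length < 8 || !/^[0-9a-f]+$/.test(hex)) return null;
  const signature = APPROVAL_SELECTORS[hex.slice(0, 8)];
  if (!signature) return null;
  const args = hex.slice(8);
  if (args.length < 128) return { signature, malformed: true };
  const operator = "0x" + args.slice(24, 64);        // address, left-padded to 32 bytes
  const value = BigInt("0x" + args.slice(64, 128));  // amount, token id or bool
  const grantsAll = signature.startsWith("setApprovalForAll")
    ? value !== 0n            // true = every token of the collection
    : value === MAX_UINT256;  // "unlimited" allowance
  return { signature, malformed: false, operator, value, grantsAll };
}

// Constructed sample inputs (not taken from the incident).
const word = (h) => h.padStart(64, "0");
const OPERATOR = "11".repeat(20); // placeholder operator address
const SAMPLES = {
  collectionGrant: "0xa22cb465" + word(OPERATOR) + word("1"),
  unlimitedAllowance: "0x095ea7b3" + word(OPERATOR) + "f".repeat(64),
  smallAllowance: "0x095ea7b3" + word(OPERATOR) + word("64"),
  plainTransfer: "0xa9059cbb" + word(OPERATOR) + word("64"), // transfer(address,uint256)
};

for (const [name, data] of Object.entries(SAMPLES)) {
  const d = describeApproval(data);
  console.log(name, d ? `${d.signature} -> ${d.operator} blanket=${d.grantsAll}` : "not an approval");
}
```

A signature request that decodes to a blanket grant for an unfamiliar operator, raised by a page that has no reason to open the wallet, matches the pattern the article warns about.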
The right reflexes to keep in mind
The ingenuity of this phishing attempt on CoinGecko and Etherscan is a reminder of the dangers that investors can sometimes face in the cryptocurrency world. In this case, the attack was aimed, as it often is, at manipulating the emotions of the target so as to make them act in haste.
Here, the very popular BAYC world was used. However, the fact that MetaMask opened in a situation where it should not have done so could be taken as a warning sign. If this had been legitimate, there is no doubt that the various actors involved would have announced the news on their own social networks.
Other attack vectors can also be used, especially email, as a recent fraudulent campaign targeting Trezor hardware wallet owners showed.
While we don’t know if the current attack resulted in any victims, it does show that vigilance and critical thinking are of paramount importance in the world of blockchain and cryptocurrencies.