{"id":437111,"date":"2022-04-25T15:23:05","date_gmt":"2022-04-25T12:23:05","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/stepn-impersonators-stealing-users-seed-phrases-warn-security-experts\/"},"modified":"2022-04-25T15:23:05","modified_gmt":"2022-04-25T12:23:05","slug":"stepn-impersonators-stealing-users-seed-phrases-warn-security-experts","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/stepn-impersonators-stealing-users-seed-phrases-warn-security-experts\/","title":{"rendered":"# Stepn impersonators stealing users&#8217; seed phrases, warn security experts"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_84 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-6a2c2a2a73f6f\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #dd3333;color:#dd3333\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #dd3333;color:#dd3333\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-6a2c2a2a73f6f\" checked aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-1'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/buradabiliyorum.com\/en\/stepn-impersonators-stealing-users-seed-phrases-warn-security-experts\/#%E2%80%9D_Stepn_impersonators_stealing_users_seed_phrases_warn_security_experts_%E2%80%9C\" >&#8221; Stepn impersonators stealing users&#8217; seed phrases, warn security experts &#8220;<\/a><\/li><\/ul><\/nav><\/div>\n<h1><span class=\"ez-toc-section\" id=\"%E2%80%9D_Stepn_impersonators_stealing_users_seed_phrases_warn_security_experts_%E2%80%9C\"><\/span>&#8221; Stepn impersonators stealing users&#8217; seed phrases, warn security experts &#8220;<span class=\"ez-toc-section-end\"><\/span><\/h1>\n<p><img decoding=\"async\" src=\"https:\/\/images.cointelegraph.com\/images\/840_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjItMDQvNTc2OWNhYmEtZWU2MC00ZjlhLTg0ZDctOTJmOTFmM2Y2NjRkLmpwZw==.jpg\" \/><\/p>\n<div class=\"post-content\" data-v-2a0745c6>Peckshield, a prominent blockchain security firm, has today exposed that there are numerous phishing websites for the Web3 lifestyle <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/download-scripts-themes-apps\/\" data-internallinksmanager029f6b8e52c=\"9\" title=\"Download Scripts &amp; Themes &amp; Apps\" target=\"_blank\" rel=\"noopener\">app<\/a> Stepn. Hackers insert a forged MetaMask browser plugin through which they can steal seed phrases from unsuspecting Stepn users, according to Peckshield.<\/p>\n<p>When these cybercriminals obtain the seed phrase, they gain complete control over the Stepn user&#8217;s dashboard, where they may connect their stolen wallets to their own or &#8220;claim&#8221; a giveaway as per Peckshield.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\"><a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/hashtag\/PeckShieldAlert?src=hash&amp;ref_src=twsrc%5Etfw\">#PeckShieldAlert<\/a> <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/hashtag\/phishing?src=hash&amp;ref_src=twsrc%5Etfw\">#phishing<\/a> PeckShield has detected a bath of <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/Stepnofficial?ref_src=twsrc%5Etfw\">@Stepnofficial<\/a> phishing sites. They insert a false Metamask browser extension leading to stealing your seed phrase or prompt you to connect your wallets or \u201cClaim\u201d giveaway. <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/MetaMask?ref_src=twsrc%5Etfw\">@Metamask<\/a> <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/coinbase?ref_src=twsrc%5Etfw\">@Coinbase<\/a> <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/WalletConnect?ref_src=twsrc%5Etfw\">@WalletConnect<\/a> <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/phantom?ref_src=twsrc%5Etfw\">@phantom<\/a> <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/t.co\/cmWUcprMAN\">pic.twitter.com\/cmWUcprMAN<\/a><\/p>\n<p>\u2014 PeckShieldAlert (@PeckShieldAlert) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/PeckShieldAlert\/status\/1518499183237672960?ref_src=twsrc%5Etfw\">April 25, 2022<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><br \/>\nPeckshield has urged Stepn users to contact support as soon as possible if they detect anything suspicious with their accounts. Some customers stated they had encountered issues, reported them to support, and resolved the problem.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">I was experiencing Just the same issue but was fixed in minutes soon as I reached out to the support team with the link below, give it a try too mate!<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/t.co\/l36cJerNm2\">https:\/\/t.co\/l36cJerNm2<\/a><\/p>\n<p>\u2014 cristian ronaldo (@cristianronal24) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/cristianronal24\/status\/1518500075034615808?ref_src=twsrc%5Etfw\">April 25, 2022<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>However, Stepn has yet to provide any official remarks about it. The phishing notification arrived nearly 20 hours after the Web3 lifestyle app finished its AMA session on <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/social-mediaa\/\" data-internallinksmanager029f6b8e52c=\"1\" title=\"Social Media\" target=\"_blank\" rel=\"noopener\">Twitter<\/a> spaces. Peckshield is a popular Twitter account where the cryptocurrency community may learn about hacks or phishing scams.<\/p>\n<p>STEPN is a Solana-based <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/game\/\" data-internallinksmanager029f6b8e52c=\"7\" title=\"Game\" target=\"_blank\" rel=\"noopener\">game<\/a> where gamers buy nonfungible token (NFT) sneakers to begin playing. The app monitors users&#8217; movement through the GPS on their mobile phones and gives them in-game tokens called Green Satoshi Tokens (GSTs). These coins can then be traded for USD Coin (USDC) or Solana (SOL), allowing users to cash out.<\/p>\n<p>Phishing attacks, rug pulls and protocol exploits have become more prevalent in the cryptocurrency industry as decentralized finance (DeFi) and nonfungible tokens (NFTs) have become popular. These types of attacks are not new, but they are continually evolving to take advantage of users in different ways.<\/p>\n<p><strong><em>Related: <\/em><\/strong><strong><em>Trezor investigates potential data breach as users cite phishing attacks<\/em><\/strong><\/p>\n<p>Last month, the Ronin bridge on Axie Infinity was attacked and robbed of more than $600 million in Ether (ETH) and USD Coin. As reported by Cointelegraph recently, in a cryptocurrency heist gone wrong, an attacker fumbled their getaway at the finish line, leaving behind over $1 million in stolen crypto. Earlier this year, $80 million in crypto was stolen from Qubit Finance when hackers duped the protocol into thinking they had put down collateral, allowing them to mint a bridged currency asset.<\/p>\n<p><template data-name=\"subscription_form\" data-type=\"markets_outlook\"><\/template><\/div>\n<blockquote><p><strong><span style=\"color: #ff6600;\">If you liked the article, do not forget to share it with your friends. Follow us on\u00a0<span style=\"color: #ff0000;\"><a style=\"color: #ff0000;\" href=\"https:\/\/news.google.com\/publications\/CAAqBwgKMLG0nwswvr63Aw\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\">For forums sites go to <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/forum.buradabiliyorum.com\/\" target=\"_blank\" rel=\"noopener\">Forum.BuradaBiliyorum.Com<\/a><\/span><\/strong>\n<\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\"><strong>If you want to read more <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/news\/\" data-internallinksmanager029f6b8e52c=\"2\" title=\"News\" target=\"_blank\" rel=\"noopener\">News<\/a> articles, you can visit our <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/en.buradabiliyorum.com\/general\/\" target=\"_blank\" rel=\"noopener\">General category.<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/cointelegraph.com\/news\/stepn-impersonators-stealing-users-seed-phrases-warn-security-experts\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8221; Stepn impersonators stealing users&#8217; seed phrases, warn security experts &#8220; Peckshield, a prominent blockchain security firm, has today exposed that there are numerous phishing websites for the Web3 lifestyle app Stepn. Hackers insert a forged MetaMask browser plugin through which they can steal seed phrases from unsuspecting Stepn users, according to Peckshield. When these&#8230;<\/p>\n","protected":false},"author":1,"featured_media":437112,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/images.cointelegraph.com\/images\/1200_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjItMDQvNTc2OWNhYmEtZWU2MC00ZjlhLTg0ZDctOTJmOTFmM2Y2NjRkLmpwZw==.jpg","fifu_image_alt":"","footnotes":""},"categories":[1],"tags":[74894,74863,74868,74891,74882,95118,74355,70944,75134],"class_list":["post-437111","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general","tag-blockchain","tag-cryptocurrencies","tag-defi","tag-ethereum","tag-hacks","tag-nft","tag-adoption","tag-hackers","tag-phishing"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/437111","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=437111"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/437111\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/437112"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=437111"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=437111"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=437111"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}