{"id":446833,"date":"2022-05-14T08:12:12","date_gmt":"2022-05-14T05:12:12","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/etherscan-coingecko-warn-against-ongoing-metamask-phishing-attacks\/"},"modified":"2022-05-14T08:12:12","modified_gmt":"2022-05-14T05:12:12","slug":"etherscan-coingecko-warn-against-ongoing-metamask-phishing-attacks","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/etherscan-coingecko-warn-against-ongoing-metamask-phishing-attacks\/","title":{"rendered":"# Etherscan, CoinGecko warn against ongoing MetaMask phishing attacks"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_84 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-6a2ddd0bb3a41\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #dd3333;color:#dd3333\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #dd3333;color:#dd3333\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-6a2ddd0bb3a41\" checked aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-1'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/buradabiliyorum.com\/en\/etherscan-coingecko-warn-against-ongoing-metamask-phishing-attacks\/#%E2%80%9D_Etherscan_CoinGecko_warn_against_ongoing_MetaMask_phishing_attacks_%E2%80%9C\" >&#8221; Etherscan, CoinGecko warn against ongoing MetaMask phishing attacks &#8220;<\/a><\/li><\/ul><\/nav><\/div>\n<h1><span class=\"ez-toc-section\" id=\"%E2%80%9D_Etherscan_CoinGecko_warn_against_ongoing_MetaMask_phishing_attacks_%E2%80%9C\"><\/span>&#8221; Etherscan, CoinGecko warn against ongoing MetaMask phishing attacks &#8220;<span class=\"ez-toc-section-end\"><\/span><\/h1>\n<div class=\"post-content\" data-v-2a0745c6>Popular crypto analytics platforms Etherscan and CoinGecko have parallelly issued an alert against an ongoing phishing attack on their platforms. The firms began investigating the attack after numerous users reported unusual MetaMask pop-ups prompting users to connect their crypto wallets to the website.\u00a0<\/p>\n<p>Based on the information disclosed by the analytics firms, the latest phishing attack attempts to gain access to users\u2019 funds by requesting to integrate their crypto wallets via MetaMask once they access the official websites. <\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">Security Alert: If you are on the CoinGecko website and you are being prompted by your Metamask to connect to this site, this is a SCAM. Don&#8217;t connect it. We are investigating the root cause of this issue. <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/t.co\/7vPfTAjtiU\">pic.twitter.com\/7vPfTAjtiU<\/a><\/p>\n<p>\u2014 CoinGecko (@coingecko) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/coingecko\/status\/1525229832094617600?ref_src=twsrc%5Etfw\">May 13, 2022<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><br \/>\nEtherscan further revealed that the attackers have managed to display phishing pop-ups via third-party integration and advised investors to refrain from confirming any transactions requested by MetaMask.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\"> We\u2019ve received reports of phishing popups via a 3rd party integration and are currently investigating. <\/p>\n<p>Please be careful not to confirm any transactions that pop up on the website.<\/p>\n<p>\u2014 \u201cThe Etherscan\u201d (@etherscan) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/etherscan\/status\/1525232602759966721?ref_src=twsrc%5Etfw\">May 13, 2022<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Pointing toward the possible cause of the attack, @Noedel19, a member of Crypto <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/social-mediaa\/\" data-internallinksmanager029f6b8e52c=\"1\" title=\"Social Media\" target=\"_blank\" rel=\"noopener\">Twitter<\/a>, connected the ongoing phishing attacks to the compromise of Coinzilla, an advertising and marketing agency, stating that \u201cAny website that makes use of Coinzilla Ads are compromised.\u201d<\/p>\n<figure><img decoding=\"async\" src=\"https:\/\/s3.cointelegraph.com\/uploads\/2022-05\/8983e7b8-a1b5-47af-aa9a-1e522f9d53ee.png\"><figcaption style=\"text-align: center;\">Compromised CoinZilla source code with phishing link. Source: @Noedel19<\/figcaption><\/figure>\n<p>The screenshots shared below show the automated pop-up from MetaMask asking to connect with the link falsely portraying as Bored Ape Yacht Club\u2019s (BAYC) non-fungible token (NFT) offering.<\/p>\n<figure><img decoding=\"async\" src=\"https:\/\/s3.cointelegraph.com\/uploads\/2022-05\/16dfdb3c-2a76-4a9e-91de-36f1589576f0.jfif\"><figcaption style=\"text-align: center;\">CoinGecko website showing fake MetaMask pop-up. Source: @Noedel19<\/figcaption><\/figure>\n<p>On May 4, Cointelegraph further warned readers about the rise in Ape-<a href=\"https:\/\/buradabiliyorum.com\/en\/category\/download-scripts-themes-apps\/\" data-internallinksmanager029f6b8e52c=\"9\" title=\"Download Scripts &amp; Themes &amp; Apps\" target=\"_blank\" rel=\"noopener\">theme<\/a>d airdrop phishing scams, which is further cemented by the latest warnings issued by Etherscan and CoinGecko.<\/p>\n<p>While an official confirmation from Coinzilla is still underway, @Noedel19 suspects that all companies that have ad integration with Coinzilla remain at risk of similar attacks wherein their users get pop-ups for MetaMask integration. <\/p>\n<p>As a primary means of damage control, Etherscan has disabled the compromised third-party integration on its website.<\/p>\n<p>Coinzilla has not yet responded to Cointelegraph\u2019s request for comment. <\/p>\n<p><strong>Related: <\/strong><strong><em>Bored Ape Yacht Club NFTs stolen in Instagram phishing attack<\/em><\/strong><\/p>\n<p>The team behind BAYC recently warned investors about an attack after hackers were found to breach their official Instagram account. <\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">There is no mint going on today. It looks like BAYC Instagram was hacked. Do not mint anything, click links, or link your wallet to anything.<\/p>\n<p>\u2014 Bored Ape Yacht Club (@BoredApeYC) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/BoredApeYC\/status\/1518590210686308354?ref_src=twsrc%5Etfw\">April 25, 2022<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>As Cointelegraph reported on April 25, hackers were able to gain access to BAYC\u2019s official Instagram account. The hackers then contacted BAYC\u2019s Instagram followers and shared links to fake airdrops.\u00a0<\/p>\n<p>Users who connected their MetaMask wallets to the scam website were subsequently drained of their Ape NFTs. Unconfirmed reports <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/moonoverlord\/status\/1518603843616968704?s=21&amp;t=x1_lzV6sLpRAC3ckK6vbPA\">suggest<\/a> that approximately 100 NFTs were stolen during the phishing attack.<\/p>\n<p><template data-name=\"subscription_form\" data-type=\"markets_outlook\"><\/template><\/div>\n<blockquote><p><strong><span style=\"color: #ff6600;\">If you liked the article, do not forget to share it with your friends. Follow us on\u00a0<span style=\"color: #ff0000;\"><a style=\"color: #ff0000;\" href=\"https:\/\/news.google.com\/publications\/CAAqBwgKMLG0nwswvr63Aw\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\">For forums sites go to <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/forum.buradabiliyorum.com\/\" target=\"_blank\" rel=\"noopener\">Forum.BuradaBiliyorum.Com<\/a><\/span><\/strong>\n<\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\"><strong>If you want to read more <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/news\/\" data-internallinksmanager029f6b8e52c=\"2\" title=\"News\" target=\"_blank\" rel=\"noopener\">News<\/a> articles, you can visit our <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/en.buradabiliyorum.com\/general\/\" target=\"_blank\" rel=\"noopener\">General category.<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/cointelegraph.com\/news\/etherscan-coingecko-warn-against-ongoing-metamask-phishing-attacks\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8221; Etherscan, CoinGecko warn against ongoing MetaMask phishing attacks &#8220; Popular crypto analytics platforms Etherscan and CoinGecko have parallelly issued an alert against an ongoing phishing attack on their platforms. The firms began investigating the attack after numerous users reported unusual MetaMask pop-ups prompting users to connect their crypto wallets to the website.\u00a0 Based on&#8230;<\/p>\n","protected":false},"author":1,"featured_media":446834,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/images.cointelegraph.com\/images\/1200_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjItMDUvODllOWMyNGEtYzBlMC00NjZmLWJhNGQtNDM4OWY0OWExMTA0LmpwZw==.jpg","fifu_image_alt":"","footnotes":""},"categories":[1],"tags":[79806,128889,74894,82963,74891,74882,97495,95118,117,70944],"class_list":["post-446833","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general","tag-analysis","tag-apecoin","tag-blockchain","tag-coingecko","tag-ethereum","tag-hacks","tag-integration","tag-nft","tag-business","tag-hackers"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/446833","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=446833"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/446833\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/446834"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=446833"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=446833"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=446833"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}