Several popular cryptocurrency data websites such as CoinGecko, Etherscan, DeFi Pulse, and others reported incidents of malicious popup, prompting users to connect their MetaMask wallets to use on the site. The wallet is a software crypto wallet that enables access on phone or via browser.
According to a CoinDesk report, the phishing attack appeared to promise a link to the Bored Ape Yacht Club project, with an ape skull logo and a (now-disabled) nftapes.win domain.
CoinGecko founder Bobby Ong told CoinDesk that they are investigating the root cause of the attack to fix the problem.
Ong assumed that the incident is caused by a malicious ad script by Coinzilla which is a crypto ad network.
On the other hand, crypto website Etherscan urged users not to confirm any transactions that popped up on the website.
Last year, a security company Check Point Research identified a phishing attack that used Google ads and attempted to steal either someone's credentials or trick them into logging into the attacker's wallet so that it would receive any transactions they attempted.
A phishing attack in February this year stole $1.7 million worth of NFTs from OpenSea users.
Subscribe to Mint Newsletters
* Enter a valid email
* Thank you for subscribing to our newsletter.