Popular crypto-analytics platforms Etherscan and CoinGecko have simultaneously issued an alert against an ongoing phishing attack on their platforms. The companies began investigating the attack after many users reported unusual MetaMask pop-ups prompting users to connect their cryptocurrencies to the site.
Based on the information revealed by the analytics companies, the latest phishing attack is trying to gain access to the finances of users by asking them to integrate their cryptocurrencies through MetaMask after they access the official websites.
Security Warning: If you are on the CoinGecko website and your Metamask prompts you to connect to this site, this is a SCAM. Do not connect it. We are investigating the root cause of this problem. pic.twitter.com/7vPfTAjtiU
– CoinGecko (@coingecko) May 13, 2022
Etherscan further revealed that the attackers managed to show phishing pop-ups through third-party integration and advised investors to refrain from confirming any transactions requested by MetaMask.
We have received reports of phishing pop-ups through third-party integration and are currently investigating.
Please be careful not to confirm any transactions that appear on the website.
– “The Etherscan” (@etherscan) May 13, 2022
Pointing to the possible cause of the attack, @ Noedel19, a member of Crypto Twitter, linked the ongoing phishing attacks to the compromise of Coinzilla, an advertising and marketing agency, stating that “Every website that uses Coinzilla Ads is compromised.”
The screenshots shared below show MetaMask’s automated popup asking to connect to the link falsely presented as the Bored Ape Yacht Club’s (BAYC) unbreakable token (NFT) offer.
On May 4, Cointelegraph further warned readers about the rise of Ape-themed airdrop phishing scams, which is further cemented by the latest warnings issued by Etherscan and CoinGecko.
While official confirmation of Coinzilla is still pending, @ Noedel19 suspects that all companies that have ad integration with Coinzilla remain at risk of similar attacks by which their users receive pop-ups for MetaMask integration.
As a primary means of damage control, Etherscan has disabled the compromised third-party integration on its website.
Coinzilla has not yet responded to Cointelegraph’s request for comment.
Related: Bored Ape Yacht Club NFTs stolen in Instagram phishing attack
The team behind BAYC recently warned investors of an attack after hackers were found breaking into their official Instagram account.
No mint is happening today. It looks like BAYC Instagram has been hacked. Don’t mount anything, click on links or link your wallet to anything.
– Bored Ape Yacht Club (@BoredApeYC) April 25, 2022
As Cointelegraph reported on April 25, hackers were able to gain access to BAYC’s official Instagram account. The hackers then contacted BAYC’s Instagram followers and shared links to fake airmail.
Users who connected their MetaMask wallets to the fraudulent website were later hacked by their Ape NFTs. Unconfirmed reports to suggest that about 100 NFTs were stolen during the phishing attack.