Etherscan and CoinGecko have parallelly issued an alert against an ongoing phishing attack on their platforms
In a recent announcement, CoinGecko revealed that their investigation has shown that cryptocurrency advertising platform Coinzilla is the source of the phishing attack code.
CoinGecko users are attacked by phishing by phishing malware
Yesterday, a phishing attack targeted users of popular crypto data sites like Etherscan and CoinGecko. Affected users received a prompt to connect their MetaMask wallet to a website called “nftapes.win”.
In a tweet, CoinGecko said:
Update: The situation is caused by a malicious ad script by Coinzilla, a crypto ad network – we have disabled it now but there may be some delay due to CDN caching. We are monitoring the situation further. Do stay on alert and don’t connect your Metamask on CoinGecko. https://t.co/NY0ppKecIG
— CoinGecko (@coingecko) May 13, 2022
Etherscan side announced:
Interim we’ve taken immediate action to disable the said 3rd party integration on Etherscan.
— The Etherscan (@etherscan) May 13, 2022
While the exact cause is still unconfirmed, early indications are that malicious code through ads on affected websites is a stepping stone to a phishing attack.
Dextools, another popular crypto tracking website, was also affected and claimed the vulnerability came from a cryptocurrency advertising platform called Coinzilla.
- Another Discord Server Has Fallen Victim To A Webhooks Exploit
- OneCoin Founder Ruja Ignatova Was Added To Europe’s Most Wanted List