Phishing attacks are getting smarter!
Away from the recent collapse of LUNA-UST which seems to have eclipsed all other issues, there has actually been another unfortunate event in crypto...
Last Friday, it was reported that users of crypto data websites such as Etherscan, CoinGecko, DeFi Pulse and others were greeted with a malicious pop-up prompting them to connect their MetaMask wallets to a fake domain displaying the Bored Ape Yacht Club logo
Once users connect their wallets, scammers can get access and steal all coins/tokens stored there.
Both Etherscan and CoinGecko warned about the breach and warned users from connecting wallets with their sites...
On the face of it, this might seem normal, as we all know how crowded with scammers the crypto space is. Scammers who always try to take advantage of the anonymity nature of cryptocurrency to make illicit gains. However, what is really concerning, this time, is that they have managed to do their traps on some of the most famous and trusted crypto-related sites. They didn't have to create fake sites or domains, they were able to pull their victims right from the legit sites. Many people who are already suffering from the recent decline in crypto, unfortunately, fell for it and lost their remaining savings which is a horrible thing to see...
How did they manage to hack all those sites at once?
Well, according to Coingecko:
The situation is caused by a malicious ad script by Coinzilla, a crypto ad network - we have disabled it now but there may be some delay due to CDN caching. We are monitoring the situation further. Do stay on alert and don't connect your Metamask on CoinGecko.
This means that the scammers didn't really hack CoinGecko, but they hacked the ad company linked with CoinGecko (and other sites) in order to make their malicious Metamask pop-ups.
As you can see, as crypto expands, drooling scammers can make sly ways to trap their victims...
The golden rule is to get yourself a hardware wallet to store the lion's share of your crypto portfolio. But if you can't afford one, or you want to use Metamask to interact with defi protocols, then please distribute your coins/tokens into multiple wallets. We all know how the saying goes "don't put all your eggs in one basket"
Another tip is to bookmark the DEXs or Defi protocols you usually use to make sure that you never connect your wallet to any random sites. And always remember there is nothing "free" in the world, so any message that suddenly pops up offering you a "free NFT" or "free Bitcoin", is %99 a SCAM.
Please, be careful and exercise extra caution with your hard-earned money, as NO ONE would compensate you if lost any of it...
PS, Unless otherwise stated, all images in this post are either my own design or from free photo-sharing sites (e.g. pixabay.com)
https://twitter.com/qsyal4/status/1526753438503165952
The rewards earned on this comment will go directly to the person sharing the post on Twitter as long as they are registered with @poshtoken. Sign up at https://hiveposh.com.
Oh no! That's too bad for investors who are already crying over their lost investment on Luna, really bad.
Scammers seem to be everywhere in the crypto space now I guess even as far as crypto company ads.
Your advice is great, be extra careful with where one stores his or her coins... Thanks for this.
Posted using LeoFinance Mobile
Yes, these cunning hackers find rat holes and get into the house through any cracks. you have to be very careful.
Posted Using LeoFinance Beta
They use their wits to destroy rather than build
Thanks for reading
I think that they often use a completely different place, which, like the brain, is divided into two halves.
Posted Using LeoFinance Beta