Popular Crypto Data Sites Targeted With Phishing Attack
Etherscan, CoinGecko and other sites displayed a suspicious pop-up asking users to connect their wallets.
Crypto data websites Etherscan, CoinGecko and others reported incidents of a malicious pop-up prompting users to connect their MetaMask wallets.
The phishing attack appears to come from a domain displaying the Bored Ape Yacht Club logo. As of press time, the site tied to the domain appeared to be taken down. According to a WHOIS lookup, the domain was registered Friday around 3 p.m. ET.
"We are investigating the root cause of this attack to fix it as soon as possible," CoinGecko founder Bobby Ong told CoinDesk in a Telegram message.
“The situation is most likely caused by a malicious ad script by Coinzilla, a crypto ad network – we have disabled it now,” said Ong. “We are monitoring the situation further.”
In a tweet, Etherscan urged users to “not confirm any transactions” that popped up on its website.
CORRECTION (May 14, 14:49 UTC): DeFi Pulse was not one of the websites affected in the attack, as reported in an earlier version of this story.
The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.
Learn more about Consensus 2023, CoinDesk’s longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.