Etherscan and CoinGecko Release Simultaneous Security Alerts

hack
    • An alert has been issued by both Etherscan and CoinGecko simultaneously relating to an ongoing phishing attack on their platforms.
    • According to the information released, the attack attempts to gain access to users’ funds by requesting to integrate their MetaMask wallets with the websites.
    • One Twitter user believes the root cause of the attack may be the integration with CoinZilla.

An alert has been issued by both Etherscan and CoinGecko simultaneously relating to an ongoing phishing attack on their platforms.

After a number of users reported unusual MetaMask pop-ups that prompted them to connect their crypto wallets to the website, the firms launched an investigation, and have now released some information regarding the attempted phishing attacks.

According to the information released, the attack attempts to gain access to users’ funds by requesting to integrate their MetaMask wallets with the websites.

Etherescan further revealed that the attackers have also been able to display phishing pop-ups through third-party integrations, and has advised crypto investors to not confirm any transaction requests received by MetaMask.

In an effort to identify the root cause for the attack, one member of the crypto Twitter community, @Noedel19, connected the ongoing phishing attacks to the compromise of CoinZilla – a marketing and advertising agency. The Twitter user suggested that any website that integrates with CoinZilla Ads has been compromised.

Coinzilla has not yet given an official confirmation regarding its service being compromised. However, @Noedel19 is confident that all companies that have ad integration with CoinZilla are still at risk of similar attacks.

In an effort to implement damage control, Etherscan has disabled the compromised third-party integration on its website.

CoinGecko has also posted a tweet with the text “Security Alert: If you are on the CoinGecko website and you are being prompted by your Metamask to connect to this site, this is a SCAM. Don’t connect it. We are investigating the root cause of this issue.”