Share this article
Popular Crypto Data Sites Targeted With Phishing Attack
Etherscan, CoinGecko and other sites displayed a suspicious pop-up asking users to connect their wallets.
By Tracy Wang
Updated May 11, 2023, 5:31 p.m. Published May 13, 2022, 10:07 p.m.
Make us preferred on Google
Crypto data websites Etherscan, CoinGecko and others reported incidents of a malicious pop-up prompting users to connect their MetaMask wallets.
The phishing attack appears to come from a domain displaying the Bored Ape Yacht Club logo. As of press time, the site tied to the domain appeared to be taken down. According to a WHOIS lookup, the domain was registered Friday around 3 p.m. ET.
STORY CONTINUES BELOW
"We are investigating the root cause of this attack to fix it as soon as possible," CoinGecko founder Bobby Ong told CoinDesk in a Telegram message.
“The situation is most likely caused by a malicious ad script by Coinzilla, a crypto ad network – we have disabled it now,” said Ong. “We are monitoring the situation further.”
In a tweet, Etherscan urged users to “not confirm any transactions” that popped up on its website.
🚨 We’ve received reports of phishing popups via a 3rd party integration and are currently investigating.
— Etherscan (@etherscan) May 13, 2022
Please be careful not to confirm any transactions that pop up on the website.
Security Alert: If you are on the CoinGecko website and you are being prompted by your Metamask to connect to this site, this is a SCAM. Don't connect it. We are investigating the root cause of this issue. pic.twitter.com/7vPfTAjtiU
— CoinGecko (@coingecko) May 13, 2022
CORRECTION (May 14, 14:49 UTC): DeFi Pulse was not one of the websites affected in the attack, as reported in an earlier version of this story.
