Share this article

Popular Crypto Data Sites Targeted With Phishing Attack

Etherscan, CoinGecko and other sites displayed a suspicious pop-up asking users to connect their wallets.

Updated May 11, 2023, 5:31 p.m. Published May 13, 2022, 10:07 p.m.

Crypto data websites Etherscan, CoinGecko and others reported incidents of a malicious pop-up prompting users to connect their MetaMask wallets.

The phishing attack appears to come from a domain displaying the Bored Ape Yacht Club logo. As of press time, the site tied to the domain appeared to be taken down. According to a WHOIS lookup, the domain was registered Friday around 3 p.m. ET.

STORY CONTINUES BELOW

Don't miss another story.Subscribe to the The Protocol Newsletter today. See all newsletters

By signing up, you will receive emails about CoinDesk products and you agree to our terms of use and privacy policy.

"We are investigating the root cause of this attack to fix it as soon as possible," CoinGecko founder Bobby Ong told CoinDesk in a Telegram message.

“The situation is most likely caused by a malicious ad script by Coinzilla, a crypto ad network – we have disabled it now,” said Ong. “We are monitoring the situation further.”

In a tweet, Etherscan urged users to “not confirm any transactions” that popped up on its website.

🚨 We’ve received reports of phishing popups via a 3rd party integration and are currently investigating.

Please be careful not to confirm any transactions that pop up on the website.
— Etherscan (@etherscan) May 13, 2022

Security Alert: If you are on the CoinGecko website and you are being prompted by your Metamask to connect to this site, this is a SCAM. Don't connect it. We are investigating the root cause of this issue. pic.twitter.com/7vPfTAjtiU
— CoinGecko (@coingecko) May 13, 2022

CORRECTION (May 14, 14:49 UTC): DeFi Pulse was not one of the websites affected in the attack, as reported in an earlier version of this story.

Phishing

More For You

Protocol Research: GoPlus Security

By CoinDesk Research

Nov 14, 2025

Commissioned byGoPlus

What to know:

As of October 2025, GoPlus has generated $4.7M in total revenue across its product lines. The GoPlus App is the primary revenue driver, contributing $2.5M (approx. 53%), followed by the SafeToken Protocol at $1.7M.
GoPlus Intelligence's Token Security API averaged 717 million monthly calls year-to-date in 2025 , with a peak of nearly 1 billion calls in February 2025. Total blockchain-level requests, including transaction simulations, averaged an additional 350 million per month.
Since its January 2025 launch , the $GPS token has registered over $5B in total spot volume and $10B in derivatives volume in 2025. Monthly spot volume peaked in March 2025 at over $1.1B , while derivatives volume peaked the same month at over $4B.

View Full Report

More For You

Solana’s Drift Launches v3, With 10x Faster Trades

By Margaux Nijkerk, AI Boost|Edited by Nikhilesh De

Dec 4, 2025

With v3, the team says that about 85% of market orders will fill in under half a second, and liquidity will deepen enough to bring slippage on larger trades down to around 0.02%.

What to know:

Drift, one of the largest perpetuals trading platforms on Solana, has launched Drift v3, a major upgrade meant to make on-chain trading feel as fast and smooth as using a centralized exchange.
The new version will deliver 10-times faster trade execution thanks to a rebuilt backend, marking the largest performance jump the project has made so far.

Read full story

Latest Crypto News