Cryptocurrency data websites Etherscan, CoinGecko, DeFi Pulse and many other data tracking sites have reported that they have been subjected to a number of malicious attacks.
According to the website’s statement, the attackers somehow added pop-up notifications to these websites for users to link their MetaMask wallets.
When the domain address where the attack is made is examined Bored Ape Yacht Club It is observed that they use the logo.
At the time of this writing, this site was no longer accessible. When the WHOIS data is examined, it is understood that the domain registration of the malicious site in question was made today.
Disclosure from Cryptocurrency Data Monitoring Sites
CoinGecko founder Bobby Ong said in his message on Telegram:
“We are investigating the source of this attack so we can resolve the issue as soon as possible. The attack was most likely caused by a malicious ad script sent by Coinzilla, a cryptocurrency ad network. We have disabled this service for now. We continue to investigate the situation.”
Etherscan also warned users not to approve any transaction originating from their website in a message published on Twitter. Users should regularly check the sites they have linked to their MetaMask wallets.
By tricking users into linking their MetaMask wallets with the promise of free NFT or crypto, attackers take over these wallets and transfer the assets in the wallet to their own accounts.
The mixing services used by the attackers to lose track of these coins have been subject to sanctions by the US authorities in recent days.
*Not investment advice.