At the same time, Etherscan and CoinGecko issued warnings regarding an ongoing phishing attack on their platforms.
When a lot of clients observed strange MetaMask pop-ups pushing them to join their crypto wallets on the website, the organizations launched an investigation. They have finally supplied some information on phishing efforts.
According to the information provided, the attack attempts to get access to users’ funds by requesting that their MetaMask wallets be connected with the websites.
Etherescan also stated that the attackers were able to display phishing pop-ups via third-party integrations, and urged crypto investors not to confirm any transaction requests received through MetaMask.
To identify the underlying source of the attack, one member of the crypto Twitter community, @Noedel19, connected the ongoing phishing attacks to the hack of CoinZilla, a marketing and advertising firm. According to the Twitter user, any website that communicates with CoinZilla Ads has been hijacked.
Coinzilla has yet to publish an official comment on the hacking of their service. @Noedel19, on the other hand, feels that all firms with CoinZilla ad integration are still exposed to similar attacks.
As a precaution, Etherscan has disabled the vulnerable third-party integration on its website.
In a tweet, the company said, “Security Alert: If you are on the CoinGecko website and your Metamask is requesting you to connect to this site, this is a SCAM.” It is not linked. We’re investigating the root of the issue.”