Home News MetaMask and Phantom wallet users targeted in crypto phishing scam

MetaMask and Phantom wallet users targeted in crypto phishing scam

446
0

As a result of a large-scale phishing campaign in search engines, hundreds of users of cryptocurrency wallets transferred over $500,000 to fraudsters. The Researchers from Check Point Research (CPR) reported this.

According to them, the attackers forged the popular MetaMask and Phantom wallets and used Google ads to spread phishing links.

The design of the fraudulent pages is similar to that of the official wallet website. But the applications installed from them are used to steal cryptocurrency. Users complained on Reddit and Twitter about hack, after clicking on links that led to a phishing wallet website.

“When creating a new Phantom wallet, the phishing site generates a message about a secret phrase to restore the attacker’s wallet. In fact, when transferring funds, the user sends them directly to fraudsters. In the case of MetaMask, they are also trying to steal the user’s seed phrase,” CPR said.

The Phantom and MetaMask wallets are the most popular wallets for Solana and Ethereum ecosystems; providing investors with a simple and secure way to interact with the ecosystem’s multiple blockchain networks.

In addition to wallets, hackers fake the sites of decentralized exchanges, including Uniswap and PancakeSwap. CPR experts recommended that cryptocurrency owners refrain from clicking on ads and use only direct known URLs.

Broadcasting Bitcoin fraud

Recall that previously, YouTube channels hacked and rebranded for live-streaming crypto scams. Google’s Threat Analysis Group (TAG) reported that a continuous phishing campaign targeting YouTube producers led to the hacking and sale of channels used to broadcast Bitcoin fraud.

According to the TAG, the attacks carried out by a group of hackers recruited from a Russian-speaking forum who hacked the creator’s channel by posing as collaborators.

“A huge number of hijacked channels have been renamed and are now live-streaming crypto scams. Theft of channels ranged from $3 to $4,000 USD on account-trading marketplaces, depending on the number of subscribers.”

Previous articleCelsius Network acquired GK8 for $115M
Next articleEnjin forms $100M fund to support metaverse projects