Cryptocurrency owners can't seem to catch a break lately.
A recent report from Coin Desk revealed that various crypto websites have been reporting incidents of an ill-willed pop-up window encouraging users to connect their MetaMask wallets to "nftapes.win."
The "nftapes.win" domain has already been disabled as of the writing of this article.
MetaMask Phishing Scam Details
According to Coin Desk's article, users of cryptocurrency websites, such as Etherscans, CoinGecko, DeFiPulse, and DexTools, have been targeted by a phishing scam.
The phishing scam involves a malicious pop-up featuring the Bored Ape Yacht Club logo, complete with an ape skull logo, as The Verge describes the pop-up window, and the previously mentioned "nftapes.win" domain, which is now disabled.
A quick WHOIS lookup showed that the "nftapes.win" domain was newly registered, with the domain being entered into the registry at around 3 p.m. ET.
The pop-up window prompted users to connect their MetaMask wallets to use on the site, which users, unfortunately, did due to the trustworthiness associated with the crypto website the pop-up window appeared with.
Update: The situation is caused by a malicious ad script by Coinzilla, a crypto ad network - we have disabled it now but there may be some delay due to CDN caching. We are monitoring the situation further. Do stay on alert and don't connect your Metamask on CoinGecko. https://t.co/NY0ppKecIG
— CoinGecko (@coingecko) May 13, 2022
CoinGecko tweeted on its official Twitter account that the pop-up window connected to the phishing attack was caused by a malicious ad script by Coinzilla, a crypto ad network. Although they disabled the pop-up window, there may be a slight delay due to CDN caching.
"We are monitoring the situation further. Do stay on alert and don't connect your Metamask on CoinGecko," CoinGecko added.
Other cryptocurrency websites have also released a warning to their users to be aware of the pop-up window, with some of them posting said announcement on their official Twitter pages.
One of the cryptocurrency websites involved, Etherscan, mentioned in its announcement that it had received reports of phishing popups via a 3rd party integration, which it is currently investigating. It also added a warning to all Etherscan users not to confirm any transaction that pop up on the website.
We are disabling all ads until the situation is clarified by @adsbycoinzilla . Please be aware and don't sign suspicious requests at your wallet. DEXTools does not automatically request any permissions. 🚨🚨 https://t.co/gC7Oebkj0R
— DEXTools (@DEXToolsApp) May 13, 2022
DexTools also found that Coinzilla enabled the pop-up window to appear with the affected cryptocurrency websites, with it saying on its official Twitter page that it is disabling all ads until Coinzilla can clarify the situation.
"The attack currently live against @etherscan @DEXToolsApp @coingecko and more is due to the use of coinzilla - a crtyptoad network..." DexTools said in its prior announcement. "Do not sign any requests delivered to your Metamask!"
As the situation is still developing as of the publication of this article, it is still unknown how many cryptocurrency owners were affected and much in cryptocurrency was stolen by the phishing scam.
The Great Crypto Crash of 2022?
Cryptocurrencies were reported to be in a state of free fall five months later in 2022, with Bitcoin falling in value following a broader stock sell-off in the US last week, throwing the crypto market into a panic and causing the cryptocurrency to drop approximately 10% in value.
Ethereum was not spared either, with it dropping 22% on May 12 — levels not seen since the crypto market began surging in late 2020, as Forbes described it.
UK-based online publication iNews mentionedin its report that investor appear to be moving moving away from cryptocurrencies, viewing them as risy investments in the face of global inflation.
