HomeNewsCoinZilla Ads Used To Hack MetaMask Accounts, Say Dex Platforms
CoinZilla Ads Used To Hack MetaMask Accounts, Say Dex Platforms
May 15, 2022
At a time when the crypto industry is facing the most difficult times, a phishing attack through CoinZilla Ads have hit one of its most important platforms.
MetaMask, a decentralized exchange platform, was attacked by hackers who tried to steal users’ cryptocurrency by tricking them into connecting their wallets to a website called NFTApes.win.
The scam works by tricking you into connecting your MetaMask wallet to a website called nftapes.win. Once you connect your wallet, it will be vulnerable to theft by the scammers who created this fraudulent site.
According to the information available, the phishing attack was designed to connect users’ crypto wallets with the website nftapes.win and steal coins from their wallets.
Finding The Cause Of Abnormal Pop-ups
The increasing number of users reporting the issue made MetaMask investigate it further and found out that it was indeed a phishing attack designed to steal cryptocurrencies from users’ wallets connected with this website.
This phishing attack aims to take advantage of the trust users have in MetaMask and other Dex platforms and convince them to connect their crypto wallets to the website. Once you do that, the attacker will be able to access your wallet with your credentials and steal your funds.
Other big names in the Dex industry, including Dextools, Coingecko and Etherscan, have also alerted the users to be aware of the ongoing phishing attack on their platforms and not proceed with any transactions through a pop-up.
Etherscan found that their connection with a third-party crypto ad network known as CoinZilla was the root cause of the phishing attempt after conducting an inquiry into the matter. The Dex platform said that attackers had been able to gain access to the users’ crypto wallets through a malicious script served through the CoinZilla ads network.
CoinZilla is a large crypto ad network that claims to serve over 1 billion ad impressions over 600 crypto domains per month. It’s unclear exactly what happened, but it appears that the attackers used CoinZilla Ads to launch one or more phishing attacks. All the Dex platforms having the CoinZilla integration have disabled the ad network to delimit the phishing attack.
Dex Platforms Disabled CoinZilla Ads
CoinGecko said, ‘We have paused CoinZilla ads for now; nevertheless, there may be some delay due to CDN caching. The attackers used a crypto advertising network known as Coinzilla to launch the phishing attack. We are keeping a close eye on the developing scenario. Take precautions, and under no circumstances should you link your Metamask on CoinGecko.’
Another crypto-based Dex website, which goes by DexTools, also fell prey to the attack. It warned users to “please be alert and don’t sign dubious requests asking to connect your wallet.” It further said that “we are banning all advertisements until CoinZilla addresses the matter.”
Etherscan has also cut ties with CoinZilla’s ad network following an incident that caused concern among users.
According to a statement from Etherscan, the company disabled its integration with the ad network while it investigated what happened.
“We have disabled the CoinZilla ad integration for a while,” the statement said. “We’re investigating what happened.”
CoinZilla Ads Network’s Counteraction Against The Attack
Within hours after the Dex platforms started disabling their integration with the ad network, CoinZilla clarified that the problem had been located and fixed. The company made it clear that the services were not affected.
The company explained that a single campaign that included malicious code succeeded to bypass its automatic security checks, which could bypass the company’s safeguards. The malicious script ran for an hour before staff intervened and locked the account.
Coinzilla has become aware of a security breach that resulted in the introduction of malware into some of its advertisements.
‘While neither the advertisers nor the publishers were at fault, we take full responsibility for the incident and work quickly to restore our users’ trust.’ Said CoinZilla.
At this time, it is not yet clear how this attack has impacted many users. However, in close collaboration with our publishers, CoinZilla has said to provide assistance to users affected by the phishing attack, identify the individual responsible for it, and take appropriate action.
Earlier Attacks The On Crypto Network
The crypto community is not new to such attacks, as there have been multiple cases in the past where hackers have tried to trick people into giving up their private keys and other sensitive information. These phishing scams usually involve emails or social media posts that direct users to websites designed specifically for stealing passwords and further important details associated with accounts controlled by people using these services.
In November 2021, a phishing attempt used Google Ads Network to conduct the attack . The goal of this attack was to either steal credentials from users or deceive them into signing into the attacker’s wallet so that the attacker could become the new beneficiary of any transactions.
Users of MetaMask had also been the victim of fraudulent emails in the past, masked as verification requests purportedly coming from the cryptocurrency wallet. In some cases, these emails contained links that directed users to fake websites designed specifically for stealing their private keys or other sensitive data associated with their accounts.