Categories: News

CipherTrace warns of surge in funds lost to MetaMask phishers

Phishers are coming after MetaMask users in increasingly clever ways.

Cyber Security firm CipherTrace has issued a warning after noting a surge in reports over the past 24 hours of users funds being stolen by a malicious Chrome browser extension posing as popular crypto wallet MetaMask.

The warning was issued under the headline “ALERT: Malicious Crypto Browser Extension—Masked MetaMask” and reported the company had seen “an uptick of alerts and comments within the online cryptocurrency community of users’ funds being stolen.”

In response to online criticism that MetaMask is not doing enough to steer its users away from potentially harmful websites and downloads, MetaMask’s Chief Product Officer Jacob Cantele asked Twitter what more the company should do?

“How can we improve? Currently we’re warning in multiple places within the product, we maintain a phishing detector that warns about tens of thousands of malicious sites, we do regular security marketing campaigns, and we have legal resources to trying to get these sites removed.”

Links to fake MetaMask sites are being inadvertently reposted by cryptocurrency projects and reportedly show up frequently as Google Ads above the first result in Google searches for the term “metamask.”

The scam works like this: After arriving at a phishing website that looks just like the real MetaMask site or downloading a malicious browser extension, users are directed to enter their 12 word seed to connect their wallet. The seed is captured by the phisher and the wallet drained of funds.

MetaMask stated that the best way to avoid being phished is to download the software only from its official site, or from inside the Google Chrome store, but never by clicking links on other websites.

For those who already have the MetaMask Chrome extension installed, MetaMask will display a warning in bright red if a user attempts to visit a website previously reported as a phishing site.

MetaMask users who are unsure if a website has been reported as malicious are encouraged to visit CryptoScamDB and enter the website URL or IP address where it will be cross-referenced against a database of reported scam and phishing websites.

In October, MetaMask announced that it had surpassed one million active users on a monthly basis, largely thanks to the acceleration of the DeFi trend over the summer and fall. Rising Ether prices and a large user base suggest this type of phishing attack won’t be going away anytime soon.

[…]
Learn more

crypto

Leave a Comment

Recent Posts

Mt. Gox Bitcoin Movements: Market Impact and Ex-Client Risks

The defunct cryptocurrency exchange Mt. Gox is making waves again, this time with huge Bitcoin…

5 months ago

Taproot Assets: Revolutionizing Bitcoin’s Lightning Network

Lightning Labs, a leading developer in Bitcoin's Lightning Network ecosystem, has launched a groundbreaking protocol…

5 months ago

Whale With Ethereum Foundation Link Transfers 92,500 ETH Worth $288M 

According to onchain data, a significant whale holding over 92,500 ether moved the funds to…

5 months ago

Discover the Skinny Bob MemeCoin: NFTs, Multi-Chain, and Cosmic Humor

🛸Inspired by the internet's favorite extraterrestrial, Skinny Bob MemeCoin is revolutionizing the cryptosphere across multiple…

5 months ago

Uncovering the Risks of NFTs for Creators and Buyers

NFTs, or non-fungible tokens, are transforming various industries, including art, music, sports, and real estate.…

5 months ago

Proton Technologies AG Unveils Open Source Bitcoin Wallet

Proton Technologies AG, the Swiss company renowned for its encrypted email and VPN services, has…

5 months ago