- Malicious pop-up is prompting users to connect their MetaMask wallets
- Phishing attack stems from a domain displaying the Bored Ape Yacht Club logo
Leading crypto data websites Etherscan, CoinGecko, DeFi Pulse and others have suffered incidents of a malicious pop-up prompting users to connect their MetaMask wallets, CoinDesk reported early this morning.
Attack came from BAYC-linked domain
The phishing attack appeared to stem from a domain displaying the Bored Ape Yacht Club (BAYC) logo. CoinDesk reported further than the site linked to the domain seemed to have been taken down at time of publication.
A WHOIS lookup showed that the domain was registered around 3 PM ET on May 13.
In a tweet, Etherscan urged users to exercise caution:
CoinGecko tweeted:
CoinGecko founder Bobby Ong told CoinDesk in a Telegram message:
We are investigating the cause of this attack to fix it as soon as possible. The situation is most likely caused by a malicious ad script by Coinzilla, a crypto ad network – we have disabled it now. We are monitoring the situation further.
Bankless Times is monitoring reports on the news and all relevant developments.