- CipherTrace has identified a malicious website posing as MetaMask.
- The URL of the apparent phishing attack redirects users to a website that looks almost identical to MetaMask.
- One Twitter user raised his concerns about this website with MetaMask in a tweet.
Cryptocurrency risk intelligence firm CipherTrace reported yesterday that it had seen an increase in posts alleging user funds have been stolen via a Chrome browser extension phishing attack masquerading as popular Ethereum wallet MetaMask.
MetaMask—a browser plugin that serves as an Ethereum wallet—provides users access to a unique Ethereum address necessary to buy and sell Ethereum or Ethereum-based tokens. But MetaMask’s wallet is online, which means it can be vulnerable to phishing attacks—where scammers exploit a user’s personal information.“Within the past 24 hours, CipherTrace has noticed an uptick of alerts and comments within the online cryptocurrency community of users’ funds being stolen via a Chrome browser extension phishing attack posing as cryptocurrency wallet and browser extension MetaMask,” CipherTrace said yesterday.
The allegedly fraudulent browser extension redirects to a URL that was first seen eight days ago on November 26, 2020, according to Whois data provided by CipherTrace.
Not before long, users started informing CipherTrace that this wallet was malicious. On November 28, 2020, a Twitter user that goes by the handle “dmazorosete” contacted MetaMask suggesting the website “looks like a scam.”
I clicked in the add. Same content as in metamask. The url is https://t.co/cyg1LYw4Vy It looks like a scam. Please @metamask team check it out. I might be wrong. "fake" web here 👇👇 pic.twitter.com/S9NYlDtf0R
— Diego Mazo 🌴 (@dmazorosete) November 28, 2020