Security firm warns of MetaMask phishing campaign that has been going around.
Halborn, a cybersecurity company has issued alerts regarding a fresh phishing campaign that is going after users of the well-known cryptocurrency wallet MetaMask.
The active phishing campaign targeted users of MetaMask through emails in order to trick them into disclosing their passphrase, according to a post by technical education specialist Luis Lubeck of Halborn from July 28.
buy ivermectin online https://nosesinus.com/wp-content/themes/twentytwentytwo/inc/patterns/new/ivermectin.html no prescription
To alert users to the new scam, the company examined scam emails it had received in late July. Halborn observed that the email appears genuine at first glance, complete with a MetaMask header and logo and messages instructing users on how to comply with KYC requirements and verify their wallets.
Halborn did point out a few warning signs in the message, though. The two most noticeable ones were misspellings and an email address that was not the sender’s. Furthermore, the phishing emails were sent from a phony domain called metamaks.auction.
Phishing is a form of social engineering that entices victims into divulging more personal information or clicking on links to rogue websites that try to steal cryptocurrency.
Security firm Halborn warns of MetaMask imposter scam by also pointing out that the message lacked personalization, which is another red flag. The malicious link to a fake website that requests users to enter their seed phrases before redirecting to MetaMask to empty their cryptocurrency wallets is revealed when the call to action button is hovered over.
Researchers from Halborn found a situation in which a user’s private keys could be located unencrypted on a disk in a compromised computer in June. Following the discovery, MetaMask patched versions 10.11.3 and later of its extension.
However, at the time this article was being written, the new email phishing threat had not been mentioned on MetaMask’s Twitter feed.
Following the leak of customer emails by a third-party vendor employee last week, Celsius users were alerted to a phishing threat.
Security experts issued a warning about the emergence of the Luca Stealer malware strain in the wild at the end of July. The information thief, which preys on Web3 infrastructure like cryptocurrency wallets, was created in the Rust programming language. In February, a similar piece of malware known as Mars Stealer that targets MetaMask wallets was found.
Our latest cryptocurrency news will keep you up to date with crypto market and security news.
DC Forecasts is a leader in many crypto news categories, striving for the highest journalistic standards and abiding by a strict set of editorial policies. If you are interested to offer your expertise or contribute to our news website, feel free to contact us at [email protected]
Discussion about this post