Beware of a New Phishing Campaign Targeting Metamask Wallets
A cybersecurity company has made warnings about a new phishing campaign that is aimed at users of the popular cryptocurrency wallet MetaMask.
Luis Lubeck, a technical education specialist at Halborn, explained in a piece published on Thursday that the active phishing campaign targeted users of MetaMask by sending them emails to get them to reveal their passphrases.
To alert users to the new scam, the company studied the fraudulent emails it got around the end of July. According to Halborn, the email appears genuine since it has a header and a logo belonging to MetaMask. Additionally, the email contains notes instructing users on how to comply with Know Your Customer (KYC) rules and how to validate their wallets.
Halborn also pointed out that the message contains several warning signs. Two of the most glaring red flags were the misspellings as well as the bogus sender’s email address. In addition, the phishing emails were sent via a sham website that used the domain name metamaks.auction.
What is Phishing Attack?
Phishing attacks are a form of social engineering that include sending targeted emails to victims in the hopes that they will either divulge additional personal information or click on links that take them to malicious websites that seek to steal cryptocurrency.
The fact that the message was not personalized was cited as another red flag by the company as being suspicious behavior. Users are prompted to enter their seed phrases before being redirected to MetaMask, where their cryptocurrency wallets are emptied when the call to action button hovers over. The link to the malicious website is shown when the user moves their mouse pointer over the button.
2019 saw the launch of Halborn, a company that provides blockchain and cybersecurity services founded by ethical hackers. In July, the company raised $90 million in a Series A round of funding.
Researchers from Halborn observed a scenario in which a user’s private keys may be located on an unencrypted disk on a computer that had been compromised in June. After the vulnerability was discovered, MetaMask issued a patch for extension versions 10.11.3 and later.
At the time this article was written, there was no mention of the newly discovered email phishing threat on the Twitter feed associated with MetaMask.
Following the disclosure of customer emails by a worker for a third-party vendor, customers of the Celsius platform were issued a phishing threat warning one week ago.
Late in July, experts concerned with computer security issued a warning about a new strain of malware known as Luca Stealer that had been spotted in the wild. The information stealer was developed using the computer language Rust, and its intended victims include Web3 infrastructure components like cryptocurrency wallets. In February, researchers uncovered a piece of malware known as Mars Stealer that targeted MetaMask wallets.
More News Stories: