Blockchain security firm warns of new MetaMask phishing campaign

A cybersecurity company has warned about a new phishing attack targeting MetaMask users.

Luis Lubeck (Halborn’s technical education specialist) wrote a July 28 blog post about the active phishing campaign that used email to target MetaMask users, tricking them into entering their passphrase.

To warn people of this new scam, the firm reviewed all scam emails received in July. Halborn pointed out that the email appears authentic at first glance. It has a MetaMask logo and header, along with messages telling users to follow KYC regulations and verify their wallets.

Halborn noted that there were several red flags in the message. Two of the most obvious were spelling errors and an email address from a fake sender. The phishing emails were sent from a fake domain, metamaks.auction.

Phishing refers to a social engineering tactic that uses targeted emails to lure victims to reveal more personal information or click links to malicious websites to steal crypto.

The firm also noted that there was no personalization in this message. This is another warning sign. Clicking on the call to actions button will reveal a malicious link to a website that prompts users for their seed phrases, before redirecting them to MetaMask where they can empty their crypto wallets.

Halborn raised $90 million in Series A in July. It was founded by ethical hackers who offer cyber security and blockchain services.

Researchers at Halborn discovered that a user’s personal keys could have been unencrypted on a hard drive in a compromised computer. Following the discovery, MetaMask updated its extension versions to 10.11.3 and later.

At the time of writing, however, MetaMask did not mention the email phishi threat.

Related: Celsius confirms email leaks by clients: Phishing risks increase

Celsius users were alerted last week to a possible phishing threat after an employee of a third-party vendor leaked customer emails.

Security researchers alerted security experts to the possibility of Luca Stealer, a new strain of malware, appearing in the wild in late July. This information stealer was written in Rust programming language. It targets Web3 infrastructure, such as crypto wallets. Similar malware, called Mars Stealer, was found targeting MetaMask wallets.

2021's Most Anticipated Growth & Wealth-Building Opportunity

Join Thousands of Early Adopters Just Like You Who Want to Grow Capital and Truly Understand Cryptocurrency Together

Jason Basler

Jason Basler– Financial Updates My Name is Jason Basler and I am also the main source from the ‘Topnewsscoop.com’ of all the exclusive and most delicate visualization of the activities in the business sector. My first step towards this journey was taken in the very early years of my life. I started with an independent financial consultant. However, I only had almost 4 years of skills and experience in this market. I have always been a free personality and like to fly one place to another, to explore more and more. Moreover, this passion and craze of traveling gave me a chance to report a section for best news associations. Last but not least, I am presently working full-time as an editor. Address: 4830 Crim Lane Dayton, OH 45402, United States of America Phone Number:  +1 937 727 7917 Email: [email protected]

2021's Most Anticipated Growth & Wealth-Building Opportunity

Join Thousands of Early Adopters Just Like You Who Want to Grow Capital and Truly Understand Cryptocurrency Together

Close Bitnami banner
Bitnami