In order to steal cash, at least the thieves had to have the courage to break into the bank or into private property, to risk being caught at the very moment of the burglary. Crypto hackers remain hidden behind their screens, imagining a thousand and one stratagems to trap cryptophiles who lack vigilance. Their recent target: Ethers (ETH) of MetaMask users, with a phishing site to crack wallets.
It bites on MetaMask users!
December 2, 2020 Cipher Trace reports the existence of a phishing attack targeting wallets ETH users of MetaMask.
Company noticed explosion within 24 hours, reports of crypto thefts by extension Chromium malicious.
When a user downloads a fake extension MetaMask, he is redirected to a website belonging to hackers, where he is invited to connect to his wallet using his seed phrase.
The hacker only has to retrieve his connection data to access his ETH and serve.
We did our duty
By searching Whois, the fraudulent extension links to a URL that was first discovered on November 26, 2020.
On November 28, 2020, the twitto @dmazorosete warns MetaMask on the potentially fraudulent nature of the site.
As criticisms mount against MetaMask, one of the managers, Jacob Cantele, replied that the company issued several alerts, used a phishing detector and regularly ran awareness and safety campaigns.
It recommend to download the software only from the official website or from the store Google chrome, not from links on other websites.
Users who have suspicion about the malicious nature of a site, are invited to visit CryptoScamDB where the IP address will be matched with a database of phishing websites.
For those who have already installed the extension Chromium of MetaMask, the latter displays a red alert if users are on a site that has been previously reported as a phishing site.
Cryptoassets are highly volatile unregulated investment products. No EU investor protection. Your capital is at risk.
MetaMask announced in October 2020 that it recorded 1 million monthly active users, a performance due in particular to the explosion of DeFi during the summer of 2020. Hackers saw a large market for pigeons or fish to trap. MetaMask is trying to clear its way by citing the fact that it has fulfilled its cybersecurity obligations – and are not bound by an obligation of result. Maybe one day we will put real names on these crypto hackers, when we manage to remove their masks.
Litecoin, welcome in the Silver Age