Metamask Faces Phishing Attacks As Website Redirects Users

Metamask Faces Phishing Attacks As Website Redirects Users

Ciphertrace, a risk evaluation handle, notified the public of recent website redirection, which has been identified as phishing attacks. The firm explained that there had been many complaints in the cryptocurrency space of stolen funds in the google chrome extension. The information has led to a lot of tension for unsuspecting cryptocurrency investors who have Metamask wallets.

It explained that the new website directed to is a replica of the popular wallet. The Ethereum wallet has been vulnerable to phishing attacks, some sources claim. Metamask, as a wallet, is widely used to receive access to addresses where Ethereum would be quickly sold and purchased. The wallet also allows customers to buy Ethereum tokens, the plugin being a trusted Ethereum exchange platform.

Security critics have often criticized Metamask’s vulnerability due to being an online platform, can easily be attacked by hackers. There is also a significant risk of customer’s data being exposed to the public or sold to private buyers. Ciphertrace explained that there had been an increased complaint of stolen funds on social media by cryptocurrency community members following the phishing attack on the chrome extension.

How the suspicion of the attacks started

The first time the browser extension redirected people to the malicious website occurred not more than eight days ago, given by Whois data. Following the recent increase of the redirection, information increased based on that incidence. Ciphertrace also received a tweet from a crypto enthusiast, who opined that the website looked like a scam. The Ciphertrace did not reply to the individual, but people believed the firm did not want to create tension in the community.

Regular visitors to the original webpage confirmed the strange closeness the two websites shared. The fraudulent website was intentionally made to replicate the original website to deceive its customers, access their data and, steal their funds.

Jacob Cantele explains how google ads contributed to the attacks

Apart from the regular phishing attacks, Metamask owners face a series of criticism on social media, condemning the website for not warning them ahead of time, leading to stolen assets in some wallets. The website’s product officer, Jacob Cantele, appealed to the angered customers and requested their meaningful suggestions to improve the website.

He explained that the website had phishing detectors, which warned users ahead of time to prevent them from being directed to dangerous websites. He revealed that the detector alerts thousands of individuals, but it is worrisome for customers to get still directed to fake websites.

Some Google ads redirect the clicker to some malicious websites which are identical to the consumers. The google ad often pops up when people search for ‘Metamask’ on the search engine. Some individuals who cannot tell the website apart fall for the fraudulent trick of those websites.

The Metamask team encouraged people to use direct links to their website, rather than clicking google ads, who sometimes have phisher’s link to masquerade as the original. The team warned against clicking the sponsored website when they use the search engines.

Metamask explained that phishing sites coerce their customers to enter seed to connect to their wallets. Once the hackers get access to the security seed, they access their wallet on the original Metamask website and transfer assets.

David Pražák