Blockchain security firm warns of new MetaMask phishing campaign

Blockchain security firm Halborn has warned users of the latest phishing emails being circulated.

A cybersecurity firm has warned of a new phishing campaign targeting users of the popular cryptocurrency wallet MetaMask.

In a post written on Thursday by Halborn technical education specialist Luis Lubeck, the active phishing campaign used emails to target MetaMask users and trick them into giving their passphrase. 

The company analyzed the fraudulent emails it received in late July to warn users of the new scam. Halborn noted that, at first glance, the email looks authentic, with a MetaMask header and logo and messages telling users to comply with Know Your Customer (KYC) regulations and how to verify their wallets.

However, Halborn also pointed out that there are several red flags in the message. Misspellings and a fake sender’s email address are two of the most obvious. In addition, a fake domain called metamaks.auction was used to send the phishing emails.

Phishing attacks are social engineering attacks that use emails to try to get victims to reveal more personal details or click on links to malicious websites that try to steal their cryptocurrencies.

The company noted that the message was also not personalised, which is another warning sign. Hovering over the call-to-action button reveals the malicious link to a fake website that asks users to enter their seed phrases before redirecting them to MetaMask to empty their cryptocurrency wallets.

Halborn, which raised USD 90 million in a Series A round in July, was founded in 2019 by ethical hackers offering blockchain and cybersecurity services.

In June, Halborn researchers discovered a case where a user’s private keys could be found unencrypted on a disk of a compromised computer. MetaMask patched its extension versions 10.11.3 and later following the discovery.

However, at the time of writing, there was no mention of the new email phishing threat on MetaMask’s Twitter feed.

Last week, Celsius users were warned of a phishing threat following the leak of customer emails by an employee of a third-party provider.

At the end of July, security researchers warned of a new strain of malware called Luca Stealer. The information stealer has been written in the Rust programming language and targets Web3 infrastructure such as such as wallets. A similar malware, called Mars Stealer, targeting MetaMask wallets, was discovered in February.

Source: Cointelegraph

Disclaimer: The information set out herein should not be taken as financial advice or investment recommendations. All investments and trading involve risk and it is the responsibility of each individual to do their due diligence before making any investment decision.

Leave a Comment

Scroll to Top