In the letter
- CipherTrace has identified a malicious website claiming to be MetaMask.
- The URL of the apparent phishing attack redirects users to a website that looks almost identical to MetaMask.
- A Twitter user expressed his concerns about this website with MetaMask in a tweet.
Cryptocurrency risk intelligence firm CipherTrace reported yesterday that it saw an increase in posts that presumed user funds were stolen via a phishing attack of the Chrome browser extension disguised as MetaMask of the popular Ethereum wallet.
MetaMask, a browser plug-in that acts as an Ethereum wallet, provides users with access to a unique Ethereum address needed to buy and sell Ethereum or Ethereum-based tokens. But MetaMask’s wallet is online, which means it can be vulnerable phishing attacks, in which scammers exploit a user’s personal information.
“Over the past 24 hours, CipherTrace has noticed an increase in warnings and comments within the online cryptocurrency community of user funds stolen via a Chrome Browser Extension phishing attack posing as a cryptocurrency wallet and browser extension. MetaMask, ”CipherTrace said yesterday.
The alleged fraudulent browser extension redirects to a URL that was first seen eight days ago, on November 26, 2020, according to Whois data provided by CipherTrace.
Not long ago, users started informing CipherTrace that this wallet was malicious. On November 28, 2020, a Twitter user using the “dmazorosete” handle contacted MetaMask suggesting that the website “looks like a scam”.
To date, dmazorosete has not received a response from MetaMask about this tweet.
Also, based on the screenshots shared by CipherTrace, the phishing site looks identical to MetaMask itself. This is designed to trick users into believing it is the real site. But appearances can be deceiving.