According to an alert published by Ciphertrace, since December 2, 2020, they have been noticing “an uptick of alerts and comments” about crypto funds stolen via a Chrome browser extension posing as the ethereum (ETH)-based wallet Metamask.
The fraudulent extension redirects victims to installmetamask.com, which is not an official site of Metamask. Per Whois information, the web domain was registered on November 29, 2020. Ciphertrace found out the first mention in Twitter of the fraudulent domain from a user who asked Metamask team about the site’s authenticity.
The screenshots taken to the fake MetaMask site mirrors the real one:
Moreover, U.S.-based Ciphertrace posted an update on December 3, 2020, detailing that phisher behind Metamask’s fake extension keeps buying sponsored ads on Google, which appear when people search for “metamask” term.
This time, sponsored ads have been relying on other domain names by attempting to impersonate Metamask. One of the domains (meramarks.io), however, is offline as of press time.
if (!window.GrowJs) { (function () { var s = document.createElement(‘script’); s.async = true; s.type = ‘text/javascript’; s.src = ‘https://bitcoinads.growadvertising.com/adserve/app’; var n = document.getElementsByTagName(“script”)[0]; n.parentNode.insertBefore(s, n); }()); } var GrowJs = GrowJs || {}; GrowJs.ads = GrowJs.ads || []; GrowJs.ads.push({ node: document.currentScript.parentElement, handler: function (node) { var banner = GrowJs.createBanner(node, 31, [300, 250], null, []); GrowJs.showBanner(banner.index); } });
The firm has been in contact with the crypto wallet company about the situation. Also, Metamask issued the following warning through their official Twitter account:
@Google is allowing a phisher to buy sponsored ads on their search results. When using crypto, try to use direct links, and if you need to use search, watch out for sponsored links.
Back on January 02, 2020, Google reversed its decision to ban the Metamask app from the Play Store, as per request from the crypto community.
In 2019, the company argued that its strict content policy on apps that expose users to “deceptive or harmful financial products and services” was a reason for the ban.
Have you or a friend been a victim of similar crypto-related phishing scams? Let us know in the comments section below.
The post Fraudulent Crypto Browser Extension Redirects to a Fake Metamask Domain appeared first on Bitcoin News.
[…]
Learn more
The Tulip Prize [1] was awarded yesterday to François Villeroy de Galhau for a speech…
Senator Elizabeth Warren, supported by other senators, today introduced a bill titled the “Digital Asset…
President Volodymyr Zelensky today signed the “virtual assets” law adopted by the Ukrainian parliament on…
Joe Biden today signed an executive order asking the federal government to assess the risks…
After the implementation of the Ethereum blockchain in the consensus Proof-of-Stake model called “Beacon Chain”,…
It hung in the face of investors, this correction. And if the movements of Bitcoin…
Leave a Comment