Data leak
"MetaMask scammers take over government websites to target crypto investors"
Primary Source ↗Incident Details
Phishing scammers hoping to lure victims into visiting fake websites resembling that of the popular MetaMask crypto wallet have adopted a new approach: compromising government websites. CoinTelegraph identified websites on domains belonging to the governments of countries including India, Nigeria, Egypt, Colombia, Brazil, Vietnam that had been compromised and modified to redirect to these scam sites. Some of them included the websites of the Nigerian postal service and, ironically, of Egypt’s Consumer Protection Agency.Once victims visit the fake site, they’re prompted to connect their MetaMask wallets to access various services, which would allow the scammers to steal any assets in the wallets.
Technical Details
- Initial Attack Vector
- Phishing attack
- Vendor / Product
- MetaMask phishing
Timeline
- 2023-09-05 Breach occurred
- 2023-09-05 Publicly disclosed