Blockchain, Crypto Mining News, Don't Miss, Fraud and Scams, Hot News, News & Updates

MetaMask; Phishing Bot’s New Target

A Crypto Phishing bot attacks MetaMask!

The famous wallet software has warned its users against a Twitter bot that deceives users about their crypto.

MetaMask alerted its users about a phishing bot that tries to steal seed phrases.

“[The phishing request] comes from an account that looks ‘normal’ (but few followers), helpfully suggests filling out a support form on a major site like Google sheets (hard to block), [and] asks for your secret recovery phrase,” MetaMask tweeted.

MetaMask is a browser extension for Ethereum users to interact with Ethereum-based decentralized applications (dapps). The extension works as a wallet where the keys to their tokens can be stored. It can be secured with a 12-word seed phrase after the registration. Anyone who can access the 12 words could drain the MetaMask wallet of funds.

Phishing Bot attacks metamask

The damage of the phishing attack is not yet specified. But it seems that some of the replies to MetaMask’s post on Twitter that a lot of users unknowingly shared their seed phrases with the attackers.

“So there is no way to get back our token right?,” one user wrote. “Someone moved my .1, .5 eth to same wallet address,” wrote another.

Some public blockchains are tracking the transfers of funds, however the owners are still anonymous. Because of this, funds could not be recovered. But there is also a chance: White hacker Harry Denley broke into a phishing scam and returned $16,000 of cryptocurrency to its owner.

Phishing Attacks All Over the Internet

Last December, another phishing attack occurred where CipherTrace saw a malicious website that is pretending to be MetaMask, and users couldn’t tell them apart unless paying attention to the site’s URL address.

However, the seed phrase-stealing bots are scattered on the internet, and they are very quick.

A Reddit user last May lost $1,200 in Ethereum after uploading their seed phrase to Github by mistake. In just two minute, the attacker used the seed phrase to drain the wallet.

“I just want you all to be aware to NEVER have a digital copy of your mnemonic or private key,” the user, “tycooperaow”, wrote.

How to prevent such attacks?

phishing bot attacks

It has been often advised by MetaMask that users must keep a hard copy of their seed phrases, like on a piece of paper, and keep it where it is safe.

The attack comes when MetaMask use remarkably increased in just a matter of time. The number of its users grew by 500% in the last six months.

📣 Cryptonetwork.News is now on Telegram. Click here to join our channel and stay updated with the latest Cryptocurrency, Blockchain, and Cryptomining headlines

Leave a Comment

Leave a Reply