Government Websites in Multiple Countries Used to Divert Users to Fake MetaMask Platforms in Crypto Scam
Crypto News – Crypto scammers have been using official government websites in India, Nigeria, Egypt, Colombia, Brazil, Vietnam, and other regions to trick MetaMask users and gain unauthorized access to their cryptocurrency holdings.
MetaMask, an Ethereum-based cryptocurrency wallet, has long been a prime target for fraudulent activities. Scammers lure unsuspecting users to counterfeit websites that request access to their MetaMask wallets. An investigation by Cointelegraph revealed that several government-owned websites have been exploited to execute this scam.
These official government websites, spanning various countries, have been discovered redirecting visitors to fake MetaMask websites, as detailed below.
Upon being alerted to these ongoing scams, MetaMask promptly acknowledged the issue. The MetaMask security team cited the rapid growth potential of Web3 as a factor that attracts scammers and malicious actors.
When a user clicks on any of the deceptive links embedded within government websites, they are redirected to a counterfeit URL instead of the legitimate “MetaMask.io” website. Upon arrival, Microsoft’s built-in security tool, Microsoft Defender, issues a warning regarding a potential phishing attempt.
If users disregard this warning, they are presented with a website that closely mimics the official MetaMask platform. These fraudulent websites eventually prompt users to connect their MetaMask wallets to access various services.
The screenshot above illustrates the striking resemblance between the genuine and counterfeit MetaMask websites, a key factor leading investors into this trap. Granting access to MetaMask wallets on these fraudulent platforms gives scammers full control over the assets stored in those particular wallets.
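An added example, not from the original article or from MetaMask: a link audit that a site operator could run over their own pages to flag anchors that mention MetaMask but point outside metamask.io, the pattern described above. The sample HTML and its `.example` hostnames are constructed, and the helper names are hypothetical.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

OFFICIAL_DOMAIN = "metamask.io"  # the legitimate domain named in the article
BRAND = "metamask"
# Constructed sample page; every .example host is a placeholder, not a real indicator.
SAMPLE = """
<a href="https://metamask.io/">Get MetaMask</a>
<a href="https://metamask.io.wallet-login.example/">MetaMask Login</a>
<a href="https://metamask.io@wallet-login.example/">Download</a>
<a href="https://wallet-connect.example/m">Connect <b>MetaMask</b> wallet</a>
<a href="/contact">Contact the ministry</a>
"""

class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def is_official(host):
    """True only for the official domain or one of its subdomains."""
    host = host.lower().rstrip(".")
    return host == OFFICIAL_DOMAIN or host.endswith("." + OFFICIAL_DOMAIN)

def suspicious_links(html):
    """Links that invoke the brand but point somewhere other than the official domain."""
    parser = LinkCollector()
    parser.feed(html)
    flagged = []
    for href, text in parser.links:
        host = urlsplit(href).hostname  # None for relative links, which stay on-site
        if host and BRAND in (href + " " + text).lower() and not is_official(host):
            flagged.append((href, text))
    return flagged
```

The check reads each `href` as written and does not follow redirects, so a link that bounces through an intermediate host needs its final destination resolved separately.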
Regarding the phishing websites uncovered by Cointelegraph, the MetaMask security team stated:
“We are incorporating specific detection mechanisms, including metadata, indicators, TTPs (Tactics, Techniques, and Procedures), etc., from this ongoing campaign into our security systems. Our aim is to detect and counteract such attacks as soon as they emerge, ideally preventing them from reaching users altogether or at least minimizing their impact.”
As crypto investors face a growing number of attacks, MetaMask encourages potential victims to promptly report any suspected scams.
In the event of a compromised seed phrase, MetaMask advises users to cease using the compromised recovery phrase and generate a new one from an uncompromised device. It’s important to note that MetaMask does not request Know Your Customer (KYC) information from its users.
The wallet provider clarified that the reported theft of 5,000 ETH occurred “from various addresses across 11 blockchains,” emphasizing that the assertion that these funds were stolen directly from MetaMask is inaccurate.
Speaking to Cointelegraph, Ohm Shah, co-founder of Wallet Guard, revealed that the MetaMask team has been conducting exhaustive research, yet there is still no definitive explanation for how this breach occurred.