By Nathan Ferguson
According to reports, various popular cryptocurrency websites became subject to a major cryptocurrency phishing scam through a venerability in the advertising network, Coinzilla.
The Attack and its Causes
Regarding the latest reports shared, more than a dozen cryptocurrency website experienced a major phishing attack. The websites included many well-known and popular platforms such as, Etherscan, Quickswap, CoinGecko and several others. The result of this attack lead to the hackers acquiring precious tokens from thousands of wallets across different platforms and websites, leaving many unfortunate users in shambles.
As to how the scam was commenced, users of the abovementioned websites and platforms were requested to accept an unusual transaction using their wallets. The attackers managed to plant a fake NFT giveaway option by mimicking the globally popular and most valuable Bored Apes Yacht Club NFT collection. Currently the value of items in the NFT collection are hovering in the $200,000 range, but the attackers were offering the mimicked collection for free, attracting users to accept the fake deal.
Coinzilla’s Flawed Security Systems
Many crypto experts like Jon_HQ reported the incident through a tweet thread on social media platform twitter, stating the attack was live because of the use a cryptoad network by the name of Coinzilla which is a well-known crypto focused advertising network. Jon_HQ warned users to secure their accounts and not sign up to any unusual calls, as it was most likely a scheme form the attackers.
Specialists from Coinzilla however managed to deal with the attack in less than 60 minutes, but a lot of damage was already caused. Coinzilla published an official statement regarding the attack, saying that a minor chunk of malicious code managed to sneak past the automatic security systems and execute itself for around an hour before the security team caught it. Many users have started to question the reliability of Coinzilla, which the service will have to reassure.
As of now, users of the mentioned cryptocurrency platforms can resume their daily endeavors, as the team at Coinzilla successfully managed to tackle the issue. Regardless of the suppression, many precious funds were stolen from many users account and the damage is still yet to be calculated by the relevant authorities. Affected websites and platforms will somehow have to recover the stolen funds or will have to compensate the affected users, but it still unclear what the next move will be.