During the night from Friday to Saturday, it was learned that several platforms related to cryptocurrencies suffered attacks of different types which could have compromised the security of their users’ data, and then perhaps of their funds. This situation affected CoinGecko, Etherscan and QuickSwap.
In the case of CoinGecko and Etherscan, a phishing attack occurred through a pop-up notification when logging into these portals. The message asked to connect the MetaMask wallet to nftapes.win, a type of advertisement that is not normally displayed on these sites.
Both platforms said the original issue was with Coinzilla, an advertising service used by those sites. In a message posted on his Twitter accountCoinzilla said the issue was caused by malicious code in an ad campaign that evaded the site’s automated security checks.
We have added additional verifications in place to ensure the security of users seeing our ads.
To clarify what happened:
A single campaign containing a piece of malicious code has managed to pass our automated security checks.
—Coinzilla (@adsbycoinzilla) May 14, 2022
“It ran for less than an hour before our team shut it down and locked the account“, added the ad service, which also pledged to ensure that the code in question is removed from all third-party scripts, to help those affected and to investigate the perpetrators of the attack.
They did not admit or deny that any users were affected.
Although the affected platforms released statements with additional details on Twitter, they neither admitted nor denied that users lost funds as a result of the attack. This article will be updated when new developments on this issue are reported.
Update: The situation is caused by a malicious ad script by Coinzilla, a crypto ad network – we have disabled it now but there may be some delay due to CDN caching. We are monitoring the situation further. Do stay on alert and don’t connect your Metamask on CoinGecko. https://t.co/NY0ppKecIG
— CoinGecko (@coingecko) May 13, 2022
CoinGecko reported via its Twitter account that the attack is “disabled now, but there may be some delay due to CDN caching“. “We are monitoring the situation more closely. Stay alert and don’t plug your MetaMask into CoinGecko“, they added.
2/ The CoinZilla integration was immediately disabled upon being alerted. We were later also informed by Coinzilla that they had fixed this issue upstream on their end. We have been monitoring the situation since then have not seen any new reports
— Etherscan (@etherscan) May 14, 2022
As for Etherscan, the announcement was similar, on the same social network. “CoinZilla integration was disabled immediately after receiving the alert. Later, Coinzilla also informed us that they have fixed this issue on their end. We have been monitoring the situation since then, we have not seen any new reports“, they wrote from the Ethereum network block explorer account.
We are disabling all ads until the situation is clarified by @adsbycoinzilla . Please be aware and don't sign suspicious requests at your wallet. DEXTools does not automatically request any permissions. 🚨🚨 https://t.co/gC7Oebkj0R
— DEXTools (@DEXToolsApp) May 13, 2022
Another affected platform was DexTools, a decentralized finance (DeFi) application for decentralized exchanges. In a tweetthey also blamed Coinzilla for the issue and asked “to be careful and not to sign suspicious requests in your wallet, DEXTools does not automatically ask for permissions“.
Quickswap also compromised
The decentralized exchange or DEX Quickswap also fell victim to a security breach, reported in the early hours of Saturday, May 14. According to the platform’s official Twitter account, the Quickswap domain, provided and hosted by GoDaddy, had been “diverted“.
This prevented cryptocurrency exchanges (swaps) from being carried out securely on the platform. As of this writing, the site is still “under maintenance” and its services cannot be used directly.
“Funds in LPs, Dragon’s Lair, Syrup Pools and wallets are safe“, specified the protocol in its message. As in previous cases, Quickswap did not report any losses its users may have suffered as a result of this situation.
The use of DEXs has increased since last year, and they are even gradually taking over centralized exchanges. In this growing category, Quickswap ranks among the top five exchanges in the world in terms of trading volume, according to dappradar.com, so the vulnerability of its functions could affect thousands of users.
Pin up Hide the table of contents
#ALERTE #Des #attaques #simultanées #ont #frappé #CoinGecko #Etherscan #Quickswap #dautres #sites #CoinGecko #Etherscan #MetaMask #QuickSwap #Cryptomonnaie