A sophisticated phishing attempt targeting crypto and metaverse users who rely on non-custodial wallets like MetaMask has been discovered by Guardio, a cybersecurity business.
Phishing campaigns are being ramped up by attackers.
The Guardio research team noted in a recent blog post that the illicit operation is running at full throttle in both breadth and depth. According to the cybersecurity startup, the hackers were using time-tested web infiltration tactics such as domain typo-squatting, accelerated by malvertising campaigns, in which victims unknowingly approve payments to attackers via cloned websites of leading NFT and metaverse brands like OpenSea and others.
These NFT and metaverse websites typically provide a high level of functionality and employ a complicated network of wallet connections, relying mostly on non-custodial wallets, the most popular of which is MetaMask. Cloned and malicious websites are ranked on the first page of search results using black hat SEO and aggressive promotion through paid Google AdWords, resulting in thousands of victims.
It’s worth noting that Guardio claims that these cloned websites, which number in the thousands, are “flying under the radar” and are undetectable by built-in browser protection mechanisms or traditional antivirus software.
What is the difference between MetaMask and Metaverse?
According to the Guardio research team, attackers have amassed money in the tens of thousands, if not hundreds of thousands, from vulnerable victims, significantly hurting the user experience and thereby giving the crypto and metaverse scene a bad rap.
Blockchain guarantees complete autonomy and control. These are the guidelines that deployment agents and infrastructure providers follow. For example, the MetaMask non-custodial wallet is simple to use and allows users to store ETH, ERC-20, and other EVM-compatible tokens. Over ten million users are reported to have used the wallet to access multiple NFT, Metaverse, and DeFi portals on Ethereum, the Binance Smart Chain (BSC), Harmony, and other EVM-compatible networks.
DeFi, NFT, and the Metaverse have all grown in popularity in recent years, commanding billions of dollars. All DeFi dApps had a total value of nearly $208 billion at the time of writing. NFT trading volumes, on the other hand, rose to more than $5 billion in January 2022 alone, extending their impressive numbers from 2021. The overall amount of NFT trading increased to almost $25 billion last year. Meanwhile, the Metaverse is gaining traction, despite the fact that it has been receiving attention since Q3 2021. The Metaverse, according to predictions, will be revolutionary, completely revamping the internet. Analysts predict that the Metaverse’s value will exceed $1 trillion in the next decade.
Emphasis on the Metaverse and Cryptocurrency Users
Because most Metaverse, DeFi, and NFT users are tech-savvy and crypto holders, attackers appear to be specifically targeting them. Attackers are cloning and distributing a near-pixel copy of the original site, catching some users off guard. They are aware that users are also on the alert to avoid getting hacked and losing valuable assets.
Because blockchain solutions are noncustodial, the controller of the wallet’s private keys must first validate the transaction before it can be irreversibly confirmed on the network. As a result, by publishing a flawless front-end, attackers may concentrate on exploiting end-user approval, which is arguably the only weakness in blockchain metaverse and NFT sites. Hackers have also successfully extracted private keys, which are passphrases required for transaction confirmation, according to Guardio analysts.
How to Stay Safe in Crypto
Crypto developments such as the Metaverse and NFTs are intriguing, but they are still in their infancy. Attackers are on the hunt, waiting to extort cash and private keys from unsuspecting victims at any time. Due diligence is required to stay safe. As the first line of defense, always use a reliable antivirus product.
As a general guideline, never disclose your wallet’s private keys to anyone, no matter how convincing they seem. Users should also double-check that they are accessing the correct website and not a clone with obvious mistakes.
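The "correct website" check can be partly automated. The following is an added example, not code from Guardio or from this article: it classifies a URL's hostname against a small allowlist and flags typo-squatted or brand-embedding lookalikes of the kind described above. The allowlist, the distance threshold, and the sample URLs (built on the reserved `.example` TLD) are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption: the genuine domains the user actually intends to visit.
TRUSTED = ("opensea.io", "metamask.io")

def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # delete from a
                           cur[j - 1] + 1,              # insert into a
                           prev[j - 1] + (ca != cb)))   # substitute
        prev = cur
    return prev[-1]

def classify(url, max_distance=2):
    """Return 'trusted', 'lookalike' or 'unknown' for the URL's hostname."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    # Exact match or a true subdomain of an allowlisted domain.
    for trusted in TRUSTED:
        if host == trusted or host.endswith("." + trusted):
            return "trusted"
    # Otherwise look for a brand name that is embedded or slightly misspelled.
    for trusted in TRUSTED:
        brand = trusted.split(".")[0]
        for label in host.split("."):
            squashed = label.replace("-", "")  # "meta-mask" reads as "metamask"
            if brand in squashed or edit_distance(squashed, brand) <= max_distance:
                return "lookalike"
    return "unknown"

# Constructed sample URLs, not observed indicators.
SAMPLES = [
    "https://opensea.io/collection/demo",
    "https://opensae.example/",
    "https://opensea.io.login.example/wallet",
    "https://meta-mask-connect.example/",
    "https://docs.python.org/",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(f"{classify(sample):10} {sample}")
```

A "lookalike" result is a prompt to stop and verify the address by hand; an "unknown" result says nothing about whether a site is safe.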