Around 10 PM (UTC) this Friday, it emerged that several cryptocurrency-related platforms had suffered attacks of different types that could put the security of their users’ information, and possibly their funds, at risk. The situation affected the price and statistics site CoinGecko, the Ethereum block explorer Etherscan and the decentralized exchange (DEX) QuickSwap.
In the case of CoinGecko and Etherscan, a phishing attack occurred via a pop-up notification shown when entering these portals. The message asked users to connect their MetaMask wallet to nftapes.win, a type of advertisement that is not normally shown on these sites.
Both platforms reported that the original problem was related to Coinzilla, an advertising service that these pages use. In a post on its Twitter account, Coinzilla reported that the problem was caused by malicious code in an advertising campaign that managed to get past the site’s automated security checks.
“It worked for less than an hour before our team stopped it and blocked the account,” added those responsible for this advertising service, who also promised to ensure that the code in question is removed from any third-party scripts, to help those affected and to investigate who perpetrated the attack.
They did not admit or deny that any user has been affected
Although the affected platforms issued statements with more details on Twitter, neither admitted nor denied that there were users who lost funds because of the attack. This article will be updated as news on this topic is reported.
CoinGecko reported through its Twitter account that the attack is “disabled now, but there may be some delay due to CDN caching.” “We are monitoring the situation more thoroughly. Stay vigilant and do not plug your MetaMask into CoinGecko,” they added.
As for Etherscan, its announcement was similar, on the same social network. “The CoinZilla integration was disabled immediately after receiving the alert. Coinzilla later also informed us that they had fixed this issue on their end. We have been monitoring the situation ever since, we have not seen any new reports,” they wrote from the Ethereum network block explorer account.
Another affected platform was DexTools, a decentralized finance (DeFi) application for decentralized exchanges. In a tweet, it also held Coinzilla responsible for the issue and asked users to “be careful not to sign suspicious requests to your wallet, DEXTools does not automatically ask for any permissions.”
QuickSwap, also compromised
The decentralized exchange (DEX) QuickSwap also suffered a security threat, which was reported in the early hours of today, Saturday, May 14. According to the official account of this platform on Twitter, QuickSwap’s domain, supplied and hosted by GoDaddy, had been “hijacked”.
This prevented cryptocurrency exchanges (swaps) from being carried out safely on the platform. At the time of writing this note, the page is still “under maintenance” and its services cannot be used directly.
“Funds in LP, Dragon’s Lair, Syrup Pools, and wallets are safe,” the protocol clarified in its message. As in the previous cases, QuickSwap did not report any losses its users may have suffered because of this situation.
As CriptoNoticias has reported, the use of DEXs has increased since last year, and they are even gradually gaining ground on centralized exchanges. In this growing category, QuickSwap ranks among the five with the highest trading volume in the world, according to data from dappradar.com, so the vulnerability of its functions can affect thousands of users.