cybersecurity firm has warned about a new phishing campaign aimed at MetaMask users.

The active phishing campaign, according to a July 28 post by Halborn's technical education specialist Luis Lubeck, used emails to target MetaMask users and trick them into giving out their passwords.

To warn users of the new scam, the firm analyzed scam emails received in late July. At first glance, the email appears to be legitimate, with a MetaMask header and logo, as well as messages informing users about KYC regulations and how to verify their wallets.

However, Halborn pointed out several red flags in the message. Two of the most obvious were spelling mistakes and a forged sender's email address. Furthermore, the phishing emails were sent from a bogus domain called metamaks.auction.

Phishing is a social engineering attack that uses targeted emails to trick victims into disclosing more personal information or clicking links to malicious websites designed to steal cryptocurrency.

The firm also noted that there was no personalization in the message, which is another red flag. Hovering over the call to action button reveals the malicious link to a bogus website that prompts users to enter their seed phrases before redirecting them to MetaMask to empty their cryptocurrency wallets.

Halborn was founded in 2019 by ethical hackers who provide blockchain and cyber security services and raised $90 million in a Series A round in July.

Researchers discovered a case in which a user's private keys were discovered unencrypted on a disk in a compromised computer in June. Following the discovery, MetaMask patched its extension versions 10.11.3 and later.

At the time of writing, there was no mention of the new email phishing threat on MetaMask's Twitter feed.

Following the leak of customer emails by a third-party vendor employee last week, Celsius users were warned of a phishing threat.

Security researchers issued a warning in late July about the appearance of a new malware strain called Luca Stealer in the wild. The information stealer was written in the Rust programming language and is designed to target Web3 infrastructure such as cryptocurrency wallets. In February, a similar malware called Mars Stealer was discovered targeting MetaMask wallets.


Aug 1, 2022
Crypto News

More from 

Crypto News


View All

Join Our Newsletter and Get the Latest
Posts to Your Inbox

No spam ever. Read our Privacy Policy
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.