Crypto NewsCybersecurity NewsNews

MetaMask Hackers Usurped Government Websites To Target Crypto Investors


Official government reports from India, Colombia, Egypt, Vietnam, and other countries have identified their websites being redirected to fake MetaMask websites.

The crypto scam’s aim at crypto wallet users has been persisting for a long time now, as it involves redirecting naive individuals to disguised website addresses that request the same access to the wallet.

Scammers Utilized Government Websites to Steal Crypto

Over the years, many countries’ government websites have been redirecting unwary users to fake MetaMask websites and requesting login details to access wallets.

The crypto firm was in contact with experts who revealed the ongoing scam using various government websites. According to the company’s cyber response team, Web3’s incredible growth potential makes the ecosystem attractive for hackers and scammers to explore.

Additionally, the experts explain that once users click on any of the rogue links placed within the government website URL, they will automatically enter the disguised Metamask websites, Upon entering websites Microsoft Defender will issue a warning if ignored then the results are predictable.

According to the statement, it’s almost impossible to notice a difference between the real and the fake MetaMask website. Nonetheless, linking a wallet to such lookalike websites creates opportunities for scammers to own complete control over personal assets held in their wallets.

MetaMask Swift Reaction To Occurrences

MetaMask said in a statement, that, we are building some heuristics (metadata, indicators TTPs, etc.) from this current campaign into our detection engines to hopefully detect any more of these attacks as soon as they launch and take steps to take them down before they reach users or at the very least minimize the exposures.

Additionally, Metamask encourages crypto investors and the potential to report possible scams like these in the future. it noted that users with possible victims should change their present seed recovery phrase and create a new one for better protection when compromised immediately.