As reported by Coindesk and the block crypto, sites including etherscan, coingecko, and dextools all warned users they were aware of suspicious popups appearing for visitors.
This one appeared to promise a link to the bored ape yacht club project. It prompted users to connect their metamask wallets to the site. Since it was appearing on domains that many people trust and use every day, they may have fallen for it and given it access.
The situation is caused by a malicious ad script by coinzilla. We have disabled it now but there may be some delay due to CDN caching.
In February, a phishing attack stole $ 1.7 million worth of nfts from opensea users. A more recent attempt via discord only snagged $ 18,000 worth of tokens.
A Tweet from coingecko identified the source of the malicious popup as coinzilla. It said it could deliver over 1 billion impressions per month across more than 600 sites popular with crypto enthusiasts.
Hey there, my tech-loving followers! It's your funny guy, Nuked, here with some exciting news…
Hey there, my tech-loving followers! It's your funny guy Nuked here with some interesting news…
Hey there, my fellow tech enthusiasts! It's your favorite funny guy who loves all things…
Hey there, fellow tech enthusiasts! It's Nuked here, ready to bring you some news about…
Hey there, my fellow tech enthusiasts! It's your funny guy Nuked here, ready to share…
Hey there, my awesome followers! It's your favorite funny tech guy, Nuked, here to bring…