MetaMask scam uses false government websites

rug pull scam

Crypto scammers have employed tactics to target MetaMask users. The attackers have used URLs of government-owned websites to deceive unsuspecting victims and gain unauthorised access to their cryptocurrency holdings. MetaMask, a popular Ethereum-based crypto wallet, has long been in the crosshairs of scammers, who employ tactics like redirecting users to counterfeit websites that request access to their MetaMask wallets. A recent investigation shows that scammers have harnessed the very web domains of official government sites, across several countries including India, Nigeria, Egypt, Colombia, Brazil, and Vietnam, to carry out this fraudulent scheme.

“Recent reporting on @tayvano_’s thread has incorrectly claimed that a massive wallet draining operation is a result of a MetaMask exploit. This is incorrect. This is not a MetaMask-specific exploit…Our security team is working with others across the web3 wallet space to research the source of this exploit.

When users click on the links embedded within these government websites, they are redirected to a counterfeit URL rather than the legitimate MetaMask website. When accessing the false sites, Microsoft’s built-in security system issues a warning about a potential phishing attempt. Should users disregard this alert, they are presented with a website very similar to the official MetaMask platform. The imposter sites then prompt users to link their MetaMask wallets as a prerequisite for accessing various services on the platform.

This resemblance between authentic and counterfeit MetaMask websites is the primary reason why investors often fall victim to the scam. Importantly, linking MetaMask wallets on these deceptive sites grants scammers unfettered control over the assets stored within those specific MetaMask wallets. It is worth noting that in April, MetaMask refuted claims of an exploit that purportedly drained more than 5,000 Ether from its wallets. The wallet provider emphasized that the 5,000 ETH loss stemmed from various addresses across 11 blockchains and rebuffed any assertion that these funds were hacked from MetaMask, categorically stating that such claims were unfounded.

Related Articles

Binance and CZ fight back with a motion of dismissal

Following the lawsuits against Binance from the SEC, the exchange and its CEO have filed a motion of dismissal.

Mt Gox delays payments even further

Mt Gox has delayed the deadline to reimburse investors yet again, marking another year in a decade long delay.

USDC stablecoin launched on Polkadot Asset Hub

Circle has announced that USD Coin will be launched on the blockchain, extending USDCs presence in the ecosystem.

US authorities to halt Central Bank Digital Currency

Lawmakers in the United States have made moves to impede the development and launch of a central bank digital currency (CBDC) in the...

See All