Hackers target MetaMask users

Arathi Nair July 2, 2022
Updated 2022/07/02 at 2:59 PM

According to a recent study by Armorblox, scammers are preying on cryptocurrency traders under the guise of making their wallets KYC compliant, as cryptocurrency exchanges and wallets make KYC mandatory for customers. MetaMask, one of the most popular cryptocurrency wallets, enables users to host apps, store digital assets, and interact with the blockchain.

Researchers from Armorblox claim that the hackers circumvent Microsoft Office 365 and plan email attacks against numerous targets in the financial sector. In an email that appears to be from the MetaMask wallet, users are asked to authenticate their accounts. After clicking the link, however, victims are directed to a fake MetaMask verification screen.


The socially engineered email appeared to come from the MetaMask support email address support@metamask.as and carried the subject line “Re: [Request Updated] Ticket: 6093-57089-857.” According to the researchers’ blog post, “the email body faked a Know Your Customer (KYC) verification request and claimed that failing to follow KYC standards would result in limited access to the MetaMask wallet.”

When victims click the “Verify Your Wallet” button within the email, they are led to a fake landing page that closely resembles a genuine MetaMask verification page. There, the victim is prompted to provide their passphrase in order to keep using the MetaMask service and adhere to KYC standards.

“For better protection and coverage against email attacks (be it spear phishing, compromise of corporate email, or credential phishing attacks like this one), organizations should increase built-in email security with levels that take a substantially different approach to threat detection,” Armorblox researchers said. Have the email examined, paying attention to the sender’s name, email address, any foreign languages inside the email, and any logical errors contained within.
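The sender checks recommended above can be automated at the mail gateway or in triage tooling; the following Python is an added example, not code from the article or from Armorblox. It assumes `metamask.io` is the only genuine MetaMask sending domain, and the function name `sender_findings` and the sample message are constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# Assumption: domains the organisation accepts as genuine for each brand.
BRAND_DOMAINS = {"metamask": {"metamask.io"}}

# Constructed sample, built from the sender and subject quoted in the article.
SAMPLE = """\
From: MetaMask Support <support@metamask.as>
To: user@example.com
Subject: Re: [Request Updated] Ticket: 6093-57089-857

Verify Your Wallet to stay KYC compliant.
"""

def sender_findings(raw):
    """Return a list of findings about the sender of a raw RFC 5322 message."""
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    findings = []
    for brand, allowed in BRAND_DOMAINS.items():
        trusted = any(domain == d or domain.endswith("." + d) for d in allowed)
        if trusted:
            continue
        if brand in domain:  # brand name on a domain we do not trust
            findings.append(f"lookalike-domain:{domain}")
        if brand in display.lower():  # brand only in the display name
            findings.append(f"display-name-impersonation:{brand}")
    # Heuristic: a "Re:" subject with no threading headers replies to nothing.
    # The constructed sample has none; the article does not describe the
    # real message's headers.
    subject = msg.get("Subject", "")
    threaded = msg.get("In-Reply-To") or msg.get("References")
    if subject.lower().startswith("re:") and not threaded:
        findings.append("reply-without-thread")
    return findings

if __name__ == "__main__":
    print(sender_findings(SAMPLE))
```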

“If you haven’t already, implement these hygiene best practices to minimize the impact of credentials being exfiltrated: Deploy multi-factor authentication (MFA) on all possible business and personal accounts. Don’t use the same password on multiple sites/accounts,” the researchers added.

