Crypto Con Artists Exploit Government Websites via MetaMask Hijack to Deceive Crypto Enthusiasts

Government Websites in Multiple Countries Used as Bait in MetaMask Crypto Scams

Cryptocurrency fraudsters are employing a new tactic to target MetaMask users, manipulating official government websites from India, Nigeria, Egypt, Colombia, Brazil, Vietnam, and other regions. The scam redirects unsuspecting visitors to counterfeit MetaMask websites, where the fraudsters attempt to gain access to users’ crypto wallets.

MetaMask, a popular Ethereum-based crypto wallet, has long been a prime target for scammers who create fake websites requesting permission to access users’ MetaMask wallets.

These fraudulent activities were recently detected on official government websites across several countries, including India, Nigeria, Egypt, Colombia, Brazil, and Vietnam. When users click on the rogue links embedded within these government websites, they are redirected to fake URLs that mimic the legitimate site. Microsoft Defender, Microsoft’s built-in security feature, issues a phishing warning when users access these fake sites.

If users disregard the warning and proceed, they encounter a website that closely resembles the official MetaMask platform. Here, they are prompted to link their MetaMask wallets in order to access various services.

The similarity between the real and fake MetaMask websites often leads investors to fall victim to these scams. By linking their MetaMask wallets on these fraudulent sites, users unwittingly grant scammers full control over their wallet assets.

MetaMask’s security team acknowledges that the Web3 ecosystem’s rapid growth has made it an attractive target for scammers and thieves. They are actively working to incorporate heuristic methods from these ongoing campaigns into their detection engines to identify and mitigate such attacks before they reach users.

Amid the rising number of crypto-related attacks, MetaMask encourages potential victims to promptly report any suspected scams. In the event of a compromised seed phrase, MetaMask advises users to cease using the compromised phrase and generate a new one from an uncompromised device. It’s worth noting that MetaMask does not collect Know Your Customer (KYC) information from its users.

In April, MetaMask refuted claims of an exploit that allegedly drained over 5,000 Ether from various addresses across 11 blockchains. The wallet provider emphasized that the funds were not stolen from MetaMask and that the claim was inaccurate. Despite exhaustive research, the MetaMask team has not provided a conclusive explanation for the incident, leaving many questions unanswered.