ALERT: Simultaneous Attacks Hit CoinGecko, Etherscan, Quickswap and Other Sites

Overnight from Friday to Saturday, several cryptocurrency-related platforms were reported to have suffered attacks of different types that could have compromised the security of their users’ data, and possibly their funds. The incidents affected CoinGecko, Etherscan and QuickSwap.

In the case of CoinGecko and Etherscan, the phishing attack took the form of a pop-up notification shown when logging into these portals. The message asked users to connect their MetaMask wallet to nftapes.win, a type of advertisement that is not normally displayed on these sites.

Both platforms said the initial problem was with Coinzilla, an advertising service used by these sites. In a message posted on its Twitter account, Coinzilla said the issue was caused by malicious code in an ad campaign that evaded the service’s automated security checks.

“It ran for less than an hour before our team shut it down and locked the account”, added the ad service, which also pledged to ensure that the code in question is removed from all third-party scripts, to help those affected and to investigate the perpetrators of the attack.

They did not admit or deny that any users were affected.

Although the affected platforms released statements with additional details on Twitter, they neither admitted nor denied that users lost funds as a result of the attack. This article will be updated when new developments on this issue are reported.

CoinGecko reported via its Twitter account that the attack is “disabled now, but there may be some delay due to CDN caching”. “We are monitoring the situation more closely. Stay alert and don’t plug your MetaMask into CoinGecko”, they added.

Etherscan made a similar announcement on the same social network. “CoinZilla integration was disabled immediately after receiving the alert. Later, Coinzilla also informed us that they have fixed this issue on their end. We have been monitoring the situation since then, we have not seen any new reports”, the Ethereum network block explorer wrote from its account.

Another affected platform was DexTools, a decentralized finance (DeFi) application for decentralized exchanges. In a tweet, they also blamed Coinzilla for the issue and asked “to be careful and not to sign suspicious requests in your wallet, DEXTools does not automatically ask for permissions”.

Quickswap also compromised

The decentralized exchange (DEX) Quickswap also fell victim to a security breach, reported in the early hours of Saturday, May 14. According to the platform’s official Twitter account, the Quickswap domain, provided and hosted by GoDaddy, had been “diverted”.

This prevented cryptocurrency exchanges (swaps) from being carried out securely on the platform. As of this writing, the site is still “under maintenance” and its services cannot be used directly.

“Funds in LPs, Dragon’s Lair, Syrup Pools and wallets are safe”, specified the protocol in its message. As in previous cases, Quickswap did not report any losses its users may have suffered as a result of this situation.

The use of DEXs has increased since last year, and they are even gradually taking over centralized exchanges. In this growing category, Quickswap ranks among the top five exchanges in the world in terms of trading volume, according to dappradar.com, so the vulnerability of its functions could affect thousands of users.
