05-14-2022, 06:35 AM
Emergency Security warning: Multiple sites including CoinGecko seem to be compromise
<table> <tr><td> <a href="https://www.reddit.com/r/CryptoCurrency/comments/up2mna/emergency_security_warning_multiple_sites/"> <img src="https://b.thumbs.redditmedia.com/TF0qD7w3Sk2u8sAcUCc8_hq4N40qhmvQzCqQpKoHnYY.jpg" alt="Emergency Security warning: Multiple sites including CoinGecko seem to be compromised. Be careful while making any txns" title="Emergency Security warning: Multiple sites including CoinGecko seem to be compromised. Be careful while making any txns" /> </a> </td><td> <!-- SC_OFF --><div class="md"><p>Looks like many sites have been hit with a front end attack. Some like Spirit Swap are reporting the attacker managed to change swap address by hacking into AWS..</p> <p><a href="https://preview.redd.it/1779ljhufbz81.jpg?width=1148&format=pjpg&auto=webp&s=879b1a7b479a6e18bffef7772e9dfb2c62cf499a">CoinGecko warning.</a></p> <blockquote> <p>Security Alert: If you are on the CoinGecko website and you are being prompted by your Metamask to connect to this site, this is a SCAM. Don't connect it. We are investigating the root cause of this issue.</p> </blockquote> <p>Incomplete list of services that seem compromised as of now: Etherscan, Curve Finance, Coin Gecko, Spirit Swap. Many more could be too, till the team verifies or confirms them</p> <p>Seems to be a front end hack where some kind of Metamask pop up keeps appearing when visiting these sites.</p> <p><a href="https://preview.redd.it/x8c3c0wbhbz81.jpg?width=1174&format=pjpg&auto=webp&s=fd7b1f3391534aad86ce3f6627b47f6f72427645">Spirit Swap is reporting the attacker managed to change swap addresses for transactions to steal funds. </a></p> <p>Users on Etherscan have also reported the same thing.</p> <p><a href="https://preview.redd.it/uko9no4ogbz81.jpg?width=1182&format=pjpg&auto=webp&s=17c905b9e2a61a91bb70615dba3b36ee5962c3ed">Persistent connection dialog boxes that dont seem to go away. </a></p> </div><!-- SC_ON --> submitted by <a href="https://www.reddit.com/user/Set1Less"> /u/Set1Less </a> <br/> <span><a href="https://www.reddit.com/r/CryptoCurrency/comments/up2mna/emergency_security_warning_multiple_sites/">[link]</a></span> <span><a href="https://www.reddit.com/r/CryptoCurrency/comments/up2mna/emergency_security_warning_multiple_sites/">[comments]</a></span> </td></tr></table>
<table> <tr><td> <a href="https://www.reddit.com/r/CryptoCurrency/comments/up2mna/emergency_security_warning_multiple_sites/"> <img src="https://b.thumbs.redditmedia.com/TF0qD7w3Sk2u8sAcUCc8_hq4N40qhmvQzCqQpKoHnYY.jpg" alt="Emergency Security warning: Multiple sites including CoinGecko seem to be compromised. Be careful while making any txns" title="Emergency Security warning: Multiple sites including CoinGecko seem to be compromised. Be careful while making any txns" /> </a> </td><td> <!-- SC_OFF --><div class="md"><p>Looks like many sites have been hit with a front end attack. Some like Spirit Swap are reporting the attacker managed to change swap address by hacking into AWS..</p> <p><a href="https://preview.redd.it/1779ljhufbz81.jpg?width=1148&format=pjpg&auto=webp&s=879b1a7b479a6e18bffef7772e9dfb2c62cf499a">CoinGecko warning.</a></p> <blockquote> <p>Security Alert: If you are on the CoinGecko website and you are being prompted by your Metamask to connect to this site, this is a SCAM. Don't connect it. We are investigating the root cause of this issue.</p> </blockquote> <p>Incomplete list of services that seem compromised as of now: Etherscan, Curve Finance, Coin Gecko, Spirit Swap. Many more could be too, till the team verifies or confirms them</p> <p>Seems to be a front end hack where some kind of Metamask pop up keeps appearing when visiting these sites.</p> <p><a href="https://preview.redd.it/x8c3c0wbhbz81.jpg?width=1174&format=pjpg&auto=webp&s=fd7b1f3391534aad86ce3f6627b47f6f72427645">Spirit Swap is reporting the attacker managed to change swap addresses for transactions to steal funds. </a></p> <p>Users on Etherscan have also reported the same thing.</p> <p><a href="https://preview.redd.it/uko9no4ogbz81.jpg?width=1182&format=pjpg&auto=webp&s=17c905b9e2a61a91bb70615dba3b36ee5962c3ed">Persistent connection dialog boxes that dont seem to go away. </a></p> </div><!-- SC_ON --> submitted by <a href="https://www.reddit.com/user/Set1Less"> /u/Set1Less </a> <br/> <span><a href="https://www.reddit.com/r/CryptoCurrency/comments/up2mna/emergency_security_warning_multiple_sites/">[link]</a></span> <span><a href="https://www.reddit.com/r/CryptoCurrency/comments/up2mna/emergency_security_warning_multiple_sites/">[comments]</a></span> </td></tr></table>