Modal Phishing Attacks Targeting Mainstream Wallets: What You Need to Know

04/14/2023 00:38 • Blockchain Briefs • 118 views

It is reported that the security company CertiK disclosed on social media that hackers are carrying out \”modal phishing\” attacks on mainstream wallets such as MetaMask, and control

It is reported that the security company CertiK disclosed on social media that hackers are carrying out “modal phishing” attacks on mainstream wallets such as MetaMask, and controlling the “modal window” of unmanaged wallets by sending phishing messages to mobile wallets identified as legitimate decentralized applications (dApps), in order to induce their owners to approve wrong transactions, The user may think that he or she is approving a ‘security update’ through the MetaMask wallet. The CertiK team reminds and emphasizes that users should be very cautious and even skeptical about every unknown transaction request – even those marked as security upgrades.

Security company: hackers are carrying out “modal phishing” attacks on mainstream wallets such as MetaMask

Introduction

CertiK, a leading security company, recently disclosed on social media about the emergence of “modal phishing” attacks that are targeting mainstream wallets such as MetaMask. These attackers are controlling the “modal window” of unmanaged wallets by sending phishing messages to mobile wallets that are recognized as legitimate decentralized applications (dApps). The aim of the attackers is to trick users into approving wrong transactions that they believe to be a security update through their MetaMask wallet.

What is Modal Phishing?

Modal phishing is a type of attack where the hackers manipulate the modal window of the user’s wallet user interface (UI). The modal window is a pop-up window that appears when a user is performing a transaction or other activity on their wallet. In this type of phishing attack, the hacker creates a fake modal window that mimics the legitimate window of the wallet UI. The purpose of this fake window is to trick the user into inputting their private key.

How Hackers are Carrying Out Modal Phishing Attacks

According to the CertiK team, the hackers send phishing messages to mobile wallets that are recognized as legitimate dApps. These phishing messages are designed to entice the users to update their wallets, and when the user clicks on the message, a malicious website is opened, giving the hacker access to the user’s wallet. The hacker then proceeds to initiate a transaction request and tricks the user into approving the transaction by creating a fake modal window that looks identical to the wallet UI.

How to Stay Safe from Modal Phishing Attacks

The CertiK team has advised users to be very cautious and even skeptical of every unknown transaction request – even those marked as security upgrades. You can also take some practical steps to protect yourself from modal phishing attacks. These include:
1. Only download wallets and dApps from trusted sources.
2. Never input your private key on any website other than the official wallet UI.
3. Always verify the URL of a website before inputting your private key.
4. Use two-factor authentication (2FA) to secure your wallet.
5. Enable a hardware wallet if available.
6. Regularly update your wallet and dApps to the latest version.

Conclusion

Modal phishing attacks represent a new challenge for the cryptocurrency community. The attackers are becoming more sophisticated, and the risks associated with these attacks are high. As a user, you must stay alert and implement best practices to protect yourself from these attacks. Always be skeptical about every unknown transaction request and never input your private key on any website other than the official wallet UI.

FAQs

1. What is modal phishing?
Modal phishing is a type of attack where the hackers manipulate the modal window of the user’s wallet user interface (UI).
2. How do hackers carry out modal phishing attacks?
Hackers carry out modal phishing attacks by sending phishing messages to mobile wallets that are recognized as legitimate dApps. When the user clicks on the message, a malicious website is opened, giving the hacker access to the user’s wallet.
3. How can I stay safe from modal phishing attacks?
To stay safe from modal phishing attacks, you should only download wallets and dApps from trusted sources, never input your private key on any website other than the official wallet UI, always verify the URL of a website before inputting your private key, use 2FA to secure your wallet, and regularly update your wallet and dApps to the latest version.

This article and pictures are from the Internet and do not represent Fpips's position. If you infringe, please contact us to delete:https://www.fpips.com/14624/

It is strongly recommended that you study, review, analyze and verify the content independently, use the relevant data and content carefully, and bear all risks arising therefrom.

Like (0)

The Rise of ETH: Understanding the Record-Breaking Numbers

Previous 04/14/2023 00:37

Introducing Ondo Finance’s latest offering: OMMF, a US dollar-pegged stablecoin based on money market funds (MMFs)

Next 04/14/2023 00:42

Blockchain Briefs

Synthetix’s SCCP-293 to Decrease Fees and Increase Open Position Limits in Perps Contracts

On April 28th, Synthetix announced that SCCP-293, which has been activated to update perpetual contract parameters, will significantly reduce Perps fees and increase the limit on o

04/28/2023
92
Blockchain Briefs

Table of Contents

According to reports, Canadian Web3 investment firm BitValue Capital has announced an investment of $10 million in IOST, which will be used for the upgrade of the IOST main network

04/06/2023
89
Blockchain Briefs

What is the value of Bitcoin for

What is the value of Bitcoin for? According to Bitcoin, what is the value of Bitcoin for? According to BitInfoCharts.com, the total market value of the Cryptocurrency market has increased by more than $2 trillion in the past 30 days. With the price of Bitcoin rising by over 400%, trading activity has also reached a historic high; At present, the global digital currency transaction volume has reached around 1 billion US dollars; In addition, Coinmarketcap data shows that Bitcoin’s market share is increasing. Therefore, the price trend of BTC can be attributed to its “Scarcity” and its increasing importance as a means of payment What is the value of BitcoinAccording to Cointelgraph, what is the value of Bitcoin (BTC)? According to the latest statistics, on January 13, 2019, a total of 5200 Cryptocurrency owners worldwide transferred about 73 million BTCs on the network. Although this does not mean that Bitcoin is the only virtual commodity or digital asset, to some…

08/07/2023
96
Blockchain Briefs

Elon Musk Calls for Closure of Microsoft Bing Al Based on ChatGPT as Unsafe

According to reports, Elon Musk said that Microsoft Bing Al based on ChatGPT was unsafe and agreed that it should be closed. (Watcher.Guru)

Elon Musk: …

02/17/2023
114
Blockchain Briefs

What are the advantages of Antpool (How to configure miners in Antpool)

What are the advantages of Antpool (What are the advantages of Antpool?) Like a

08/19/2023
78
Blockchain Briefs

Huge USDT Transfer Signals Bullish Sentiment in Crypto Market

It is reported that according to Whale Alert data, 50050049 USDTs were transferred from Tether Treasury to Binance. About 50 million USDTs transferred from Tether to Binance Analysis based on this information:In the latest news from the cryptocurrency market, there has been a massive transfer of 50,050,049 USDT from Tether Treasury to Binance, reported by the Whale Alert system. This transfer is worth over $50 million, which is a considerable amount even in the volatile crypto space. The activity of whales, or entities with significant crypto holdings, can often signal the direction of the market’s sentiment, and this transfer could be a bullish signal for the future. USDT, which stands for Tether, is a stablecoin pegged to the value of the US dollar, which means that it has a fixed price and is not subject to the volatility of other cryptocurrencies. USDTs are used by traders to move funds between different exchanges and are becoming increasingly popular in the market…

03/14/2023
118
Blockchain Briefs

Understanding the Recent Transfer of 1098 BTCs to Kraken Exchange

On March 31, according to Whale Alert monitoring, at 16:28:121098 BTCs (approximately $30.52 million) were transferred from unknown wallet addresses to Kraken on March 31, Beijing

03/31/2023
119
Blockchain Briefs

Elon Musk Warns About the Importance of Monitoring the Security of Artificial Intelligence

According to reports, Musk said that AI is an issue that we need to be very concerned about, and we need to monitor AI security.

Musk: AI security n…

02/15/2023
126
Blockchain Briefs

ConsenSys zkEVM went online to test the network and was renamed Linea

According to reports, ConsenSys has announced the renaming of the Layer 2 solution ConsenSys zkEVM to Linea, which is currently open for testing by all developers, users, or protoc

03/28/2023
105
Blockchain Briefs

Kakao Enterprise: Accelerating the Establishment of a Token Securities Issuance (STO) Platform

It is reported that Kakao Enterprise, an IT platform operator under Kakao, a South Korean internet giant, is accelerating the establishment of a token securities issuance (STO) pla

03/31/2023
114
Blockchain Briefs

**7:00-12:00: Making Sense of Do Kwon’s zkSync Shanghai Upgrade and OpenAI**

7:00-12:00 Keyword: Do Kwon, zkSync, Shanghai Upgrade, OpenAI
Summary of important developments at noon on March 31
There\’s been a lot of buzz in the crypto world about Do Kwon\’s z

03/31/2023
105
Blockchain Briefs

DeFi Transfers Could Be Considered High-Risk under New Anti-Money Laundering Rules in EU

It is reported that according to the latest version of EU anti-money laundering regulations, the transfer with DeFi may be classified as high-risk. After the E…

03/11/2023
113
Blockchain Briefs

#How Blockchains Such As Near, Polkadot, and Cardano are Innovating to Achieve Scalability, Decentralization, and Security.

According to reports, Bank of America (BAC) stated in a research report that protocols such as Near, Polkadot, and Cardano are using new methods to improve the trade-off between sc

03/23/2023
111
Blockchain Briefs

Table of Contents

According to reports, according to data from the Arbitrum browser, there have been 41189 addresses receiving ARB air drops, accounting for approximately 7.5% of the total number of

03/23/2023
104
Blockchain Briefs

What software can watch Bitcoin market (which app can watch Bitcoin market)

What software can watch Bitcoin market According to Coindesk news, what software can watch Bitcoin market? What software can monitor the Bitcoin market? 1、 How to download the Apple system: The Apple Store on Android phones has a Google search function that allows you to search for stock prices on all mainstream websites around the world. Google Search search engine supports all currencies and data on Ethereum network; Google provides an analysis platform based on blockchain technology, which can be used to view price information and other indicators of the Bitcoin market, as well as provide relevant real-time data. The second is to use professional tools to help investors understand the latest developments in the Bitcoin market. The third is to use third-party browsers for mining (such as cloud drives). Fourthly, users installed on the Apple system need to first register their company’s server and then open a webpage to browse According to Bitcoin, Bitcoin has risen by nearly 30%…

08/05/2023
105
Blockchain Briefs

Shardeum’s Sphinx Betanet Version 1.1 Launches Verification Period and Pledge Test via GUI and CLI

On February 16, it was reported that the Layer1 blockchain Shardeum created by WasirX co-founder and CEO Nischal Shetty has launched Sphinx Betanet version 1.1…

02/16/2023
981