Metamask For Firefox



  1. Metamask For Firefox Download
  2. Metamask Wallet Sign In
  3. Metamask For Firefox Windows 10

Over the past week, users of the MetaMask cryptocurrency wallet have been losing funds to a phishing scam that lured potential victims through Google search ads.

MetaMask has a community of more than one million users. The site offers an Ethereum cryptocurrency wallet in the browser via a browser extension that lets distributed applications read from the blockchain.

MetaMask provides the simplest yet most secure way to connect to blockchain-based applications. You are always in control when interacting on the new decentralized web.

When installing the legitimate extension, you can either import an existing wallet or create a new one along with the secret seed phrase that allows access to the wallet.

Metamask For Firefox Download

MetaMask users find empty wallets

Although it is unclear how many MetaMask users fell for the scam, some say they ended up with empty wallets after clicking on a fraudulent search ad being promoted as the MetaMask site.

MetaMask is a bridge that allows you to visit the distributed web of tomorrow in your browser today. It allows you to access Ethereum dapps right in your browser without running a full Ethereum node. You can post news or questions here, just be kind! A crypto wallet & gateway to blockchain apps. Install MetaMask for your browser. MetaMask is an Ethereum wallet and browser extension that can be used on the Chrome, Brave, Edge and Firefox browsers. In essence, it connects these browsers to the Ethereum blockchain, enabling you to store keys for Ether and ERC-20 tokens across the supported browsers.

The phishing/ad scam is still active, with a new domain constantly being promoted via Google search ads.

Metamask For Firefox

On Wednesday, MetaMask alerted its community of the scam and recommended the use of direct links to the legitimate metamask.io URL and to stay away from sponsored ads.

The warning came too late for some users, though, as some users reported losses of tens of thousands of U.S. dollars.

Complaints started pouring in this week, all stories describing the same scenario: the money was gone after trying to install the MetaMask browser extension.

Metamask Wallet Sign In

It was determined that the users were going to a fake MetaMask phishing page through Google ads. Once on the page, they are prompted to install the extension, which will give them an option to either import an existing wallet or create a new one.

If they click on the 'Create Wallet' button, they are brought to the real MetaMask.io site as there are no cryptocurrency to steal. However, if they click on the 'Import a wallet' option, they will be asked to enter the key phrase of their existing wallet, which is then sent to the attacker.

Metamask For Firefox Windows 10

As soon as the scammer got the seed phrase, they proceeded to empty the victims’ wallets. In replies to MetaMask’s warning on Twitter, one user said they were robbed of nearly $30,000.

Multiple domains pushed in Google search ads

The scammers purchased Google ads to target users searching for MetaMask in the Google search engine. These ads led to a fraudulent domain impersonating the cryptocurrency service.

They registered multiple domains for the scam, which is currently ongoing, as seen in the screenshot below taken by BleepingComputer:

The domain maskmefa[.]io is currently promoted in search ads when looking for MetaMask on Google. The spelling of the service in the title ad should be a red flag, but most users are likely to miss this (note the Russian 'к' and space before the top-level domain). A whois lookup on Domaintools shows that it was registered only yesterday.

Edge

Blockchain forensics company CipherTrace in a post this week mentions three other domains used for the scam:

  • maskmeha[.]io
  • installmetamask[.]com
  • meramaks[.]io

The first two are ten and nine days old, respectively, while the third was registered yesterday. All were registered through the same registrar, NameCheap.

Users landing on the fraudulent sites would have difficulty spotting the fraud because it looks almost identical to the legitimate MetaMask page. Even if they check the domain in the address bar, there is a high chance of falling for the trick.

The only difference between the original MetaMask site and the fake one is unnoticeable for most users (the writing on the button for getting the extension).

Scams and malware attacks increase in frequency during the holiday season when consumers spend more enticed by discounts or special offers and are more easily distracted.

Paying extra attention to download sources reduces the chance of becoming a victim. MetaMask’s advice to access resources from direct, official links (e.g., company accounts on LinkedIn, Twitter, Facebook) and avoiding redirects from third parties (e.g., URLs in messages) is a good way to not fall for a scam.

Update [12/720]: MetaMask users are being targeted via ads displayed at the top of the results in other search engines. BleepingComputer today captured a screenshot showing fraudulent MetaMask ads in DuckDuckGo when the region filter was active.

Web app hacker Sean Roesner found that the malicious ads were also running on Microsoft Bing and Yahoo, he published screenshots in a tweet today, saying 'Can't trust ANY search providers. They all allow scammers to run malicious ads.'

Isn't just @Google , it's on @DuckDuckGo, @bing and @Yahoo now
Can't trust ANY search providers. They all allow scammers to run malicious ads -_- https://t.co/MFE9zkBV4vpic.twitter.com/enpYfC8Z0y

— @zseano (@zseano) December 7, 2020

Related Articles: