An elaborate scam has been detected, targeting users of the Pudgy Penguins NFT project through the use of ad networks for phishing attacks.
Attack Mechanism
The phishing attempt uses Google’s Ad Network to spread harmful scripts through the Adloox tracking domain. The ads' code searches users' browsers for Web3 wallets and redirects those users to a fake Pudgy Penguins site to capture wallet credentials.
Potential Vulnerabilities
The attack suggests that sites using Prebid.js, a header bidding API library, can be vulnerable. By utilizing the Adloox analytics module, these sites risk transmitting malicious scripts.
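For site operators vetting third-party ad or analytics scripts, the added example below (not code from the incident, Prebid.js or Adloox) flags script source that both probes for a wallet provider and navigates the page, the behaviour described under Attack Mechanism. The function names, the patterns and the sample scripts are constructed for illustration.

```javascript
// Added example: static triage of third-party script source (constructed data).

// Wallet provider globals probed (assumed set: window.ethereum, window.solana).
const WALLET_PROBES = [
  /\bwindow\s*\.\s*(?:ethereum|solana)\b/,
  /\bwindow\s*\[\s*['"](?:ethereum|solana)['"]\s*\]/,
  /['"](?:ethereum|solana)['"]\s+in\s+window\b/,
];

// Writes that navigate the page; reading location.href is not matched.
const NAVIGATIONS = [
  /\blocation\s*(?:\.\s*href)?\s*=[^=]/,
  /\blocation\s*\.\s*(?:assign|replace)\s*\(/,
  /\bwindow\s*\.\s*open\s*\(/,
];

// Fold "eth" + "ereum" into "ethereum" so split literals still match.
// Heuristic only: runtime-built or encoded strings are not resolved.
function foldStringConcats(src) {
  const re = /(['"])([^'"\\]*)\1\s*\+\s*(['"])([^'"\\]*)\3/;
  let prev;
  do {
    prev = src;
    src = src.replace(re, '"$2$4"');
  } while (src !== prev);
  return src;
}

function triageScript(source) {
  const src = foldStringConcats(source);
  const probes = WALLET_PROBES.filter((re) => re.test(src)).map(String);
  const navs = NAVIGATIONS.filter((re) => re.test(src)).map(String);
  let verdict = "clean";
  if (probes.length && navs.length) verdict = "suspicious";
  else if (probes.length) verdict = "wallet-probe";
  return { verdict, probes, navs };
}

// Constructed samples: benign analytics, a wallet-aware UI, and an ad tag
// showing the probe-then-redirect pattern.
const SAMPLES = {
  "analytics.js": 'navigator.sendBeacon("/m", JSON.stringify({ u: location.href }));',
  "wallet-ui.js": 'if (window.ethereum) { document.body.classList.add("has-wallet"); }',
  "ad-tag.js": 'if (window["eth" + "ereum"]) { top.location.href = "https://lookalike.example.invalid/"; }',
};

for (const [name, code] of Object.entries(SAMPLES)) {
  console.log(name, triageScript(code).verdict);
}
```

A "suspicious" verdict is a prompt for manual review of that script, not proof of malice; legitimate wallet-connect code can also probe a provider and navigate.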
Mitigation Steps
To reduce exposure to these threats, it's advised to install ad blockers and open crypto sites and wallets in a different browser. Caution is crucial when entering wallet credentials. Security researcher ZachXBT notified Adloox, resulting in the removal of compromised JavaScript files.
The detection of this attack highlights the growing phishing risks in the crypto world, underscoring the need for heightened user vigilance.