PHISHING ALERT: Metamask users on hacked websites asked to enter seed phrases!

  • This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Adriaan Admin

Administrator
Staff member
Jan 30, 2018
231
44
28
www.bitcoinforbeginners.io
#1
Multiple websites have been hacked and more might be hacked where they seem to be using a security vulnerability of Cloudflare (if those websites are using Coudflare services). Visitors of websites are getting redirected to the phisher's site and at some point this pop up will appear where users are asked to enter their seed phrase to update their Metamask. The pop up obviously looks very native to Metamask's design.

Metamask phishing.png

Please do not fall for this trap; DO NOT ENTER YOUR SEED PHRASE AND CLOSE THE WEBSITE IMMEDIATELY, because the seed phrase will be sent to the hacker's server and will then be able to install your account and remove all your funds! Also report to Metamask. The only legit way where you should ever enter your seed phrase is when you personally click on the Metamask extension logo (the fox image) in your browser in case you need to restore your wallet. Personally I also recommend not to store more money on Metamask than you need for making small payments; do not store more on Metamask than you can afford to lose.

Also read this Medium article by Metamask for more details on this issue: https://medium.com/metamask/new-phishing-strategy-becoming-common-1b1123837168