The developers of the popular Ethereum wallet MetaMask have sent out a notification about a new phishing attack. Hackers ask for a secret phrase (seed) under the guise of an official survey.
According to the developers, the hackers have launched a special bot that writes to MetaMask users with a link to the “support portal”. Under the guise of this portal, a poll service on Google Docs is used. Users are asked about the problem with the wallet, and they are also asked to provide a passphrase from the wallet. If gullible users provide the phrase, then the attackers gain full access to the wallet and all cryptoassets stored on it.
MetaMask developers emphasize that the wallet has its own “Get Help” function and does not use the Google Docs platform. They urge all users who encounter errors or other problems to use the built-in function, but not to follow links sent by unknown accounts. They also urged to complain about fraudulent messages.
It is worth noting that the MetaMask wallet is one of the most popular for tokens on the Ethereum blockchain. The number of active users of the program exceeded 5 million per month. The developers said that the most popular feature was MetaMask Swaps, which allows you to buy and sell ERC-20 tokens on various decentralized exchanges.