Cybersecurity agency Peckshield reported that attackers flooded the Internet with phishing sites of the Stepn game project to steal the seed phrases of users’ wallets.
Blockchain security experts at Peckshield have tweeted that scammers are creating pages that mimic a popular site. Experts explained that the attackers are placing a fake MetaMask plugin in the browser, with which they steal seed phrases from unsuspecting Stepn users.
After stealing the seed phrase, hackers gain full control over the user’s wallet, after which they withdraw assets to their wallets. The cybersecurity agency urged Stepn users to contact support as soon as possible if they find anything suspicious on their accounts. Some customers have already stated that they have encountered problems.
Representatives of the Stepn project themselves have not yet commented on Peckshield’s statement in any way – despite the fact that the phishing notification came almost 20 hours after the completion of the discussion by the cryptocurrency community of hacker attacks in the Peckshield audio room on Twitter.
Stepn is a gaming platform based on Solana where gamers purchase non-fungible token (NFT) sneakers to get started. The application tracks the movement of users via GPS on their mobile phones and issues them Green Satoshi (GST) in-game tokens. This digital currency can be exchanged for Solana (SOL), USDC or withdrawn to US dollars.
Last week, ConsenSys, the company behind the popular MetaMask cryptocurrency wallet, sent out a warning to users about the dangers of storing data in Apple iCloud due to the possibility of phishing. The fact is that at default settings, Apple devices, including iPhone, iPad and Mac, save “password-protected MetaMask storage” in the iCloud cloud service. If attackers using phishing can gain access to the service and the wallet password is not strong enough, users risk losing all funds.