Peckshield, a prominent blockchain security firm, exposed the existence of numerous phishing websites for the Web3 lifestyle app STEPN on Monday. Hackers insert a forged MetaMask browser plugin through which they can steal seed phrases from unsuspecting STEPN users, according to Peckshield.
When these cybercriminals obtain the seed phrase, they gain complete control over the STEPN user’s dashboard where they may connect their stolen wallets to their own or “claim” a giveaway as per Peckshield.
#PeckShieldAlert #phishing PeckShield has detected a bath of @Stepnofficial phishing sites. They insert a false Metamask browser extension leading to stealing your seed phrase or prompt you to connect your wallets or “Claim” giveaway. @Metamask @Coinbase @WalletConnect @phantom pic.twitter.com/cmWUcprMAN
— PeckShieldAlert (@PeckShieldAlert) April 25, 2022
Peckshield has urged STEPN users to contact support as soon as possible if they detect anything suspicious with their accounts. Some customers stated they had encountered issues, reported them to support and resolved the problem.
I was experiencing Just the same issue but was fixed in minutes soon as I reached out to the support team with the link below, give it a try too mate!https://t.co/l36cJerNm2
— cristian ronaldo (@cristianronal24) April 25, 2022
However, STEPN has yet to provide any official remarks about it. The phishing notification arrived nearly 20 hours after the Web3 lifestyle app finished its AMA session on Twitter spaces. Peckshield is a popular Twitter account where the cryptocurrency community may learn about hacks or phishing scams.
STEPN is a Solana-based game where gamers buy nonfungible token (NFT) sneakers to begin playing. The app monitors users’ movement through the GPS on their mobile phones and gives them in-game tokens called Green Satoshi Tokens (GSTs). These coins can then be traded for USD Coin (USDC) or Solana (SOL), allowing users to cash out.
Phishing attacks, rug pulls and protocol exploits have become more prevalent in the…
..
