PANews reported on December 25 that the security team Scam Sniffer issued a security alert, reminding users to be vigilant against fraud activities conducted through fake websites. Recently, a user was directed to the fake @pudgypenguins website through a Singapore news portal. After investigation, it was found that this was part of a large-scale malicious advertising campaign. The specific process of the attack is: malicious ads are delivered through the Google advertising network, and the ads load suspicious code from Adloox, which detects whether the user has a Web3 wallet. If a wallet is detected, the user will be redirected to the fake website pudqypenguin[.]com. Currently, the main target is users of @pudgypenguins, but this method can be easily applied to other projects.
It recommends that users should take the following measures: enable ad blockers, use independent browsers to visit cryptocurrency-related websites, check the URL three times before connecting to the wallet, and install the ScamSniffer plug-in.