Threat Actors Steal Coinbase, MetaMask Accounts Using A Number Of Malicious Websites To Bypass 2FA

Threat actors abuse the Microsoft Azure Web Apps service to create a large number of malicious phishing websites disguised as legit crypto managing websites. For example, one of the phishing emails used in the attacks impersonates Coinbase with the message of the user's account being locked due to suspicious activity, leading the victim to the site impersonating customer support. The campaign targets various companies working with crypto, such as Coinbase, MetaMask, Crypto.com, and KuCoin. Read more...