PeckShield, a blockchain analytics and security firm, has discovered that hackers are using malicious sites to target users of the Solana-based gaming platform STEPN. Within the previous 30 days, the number of STEPN users has surpassed one million as the value of the token has surpassed $3. PeckShield encourages users to download its free PeckShield extension to their wallet so that they can detect any malicious site. The organisation also asked them to notify the development team if they noticed any strange behaviour on their account.
A rogue MetaMask plugin on these sites allows them to harvest seed phrases from unwitting users. The link also asks visitors to connect their wallets in order to claim a fake giveaway, which provides the hackers full access to the victims’ wallets, allowing them to steal cryptocurrency.
While STEPN has yet to issue an official statement regarding the phishing attack, one user reported that he was able to contact the support team and have them assist him with a problem he was having.
STEPN is a Web3 gaming and leisure application that lets users earn Green Satoshis (GST) while moving about. This is tracked by the platform using the GPS on the players’ mobile devices.
According to data from its Twitter account, the network has grown in popularity in recent weeks, with over 1.5 million users in the last 30 days. This is partly due to the token’s meteoric ascent from a low of $0.01 to a high of nearly $3 in the same time frame.
Malicious attacks becoming extremely common
This STEPN event demonstrates how widespread phishing assaults have become in the crypto community. Several phishing attacks and attempts have occurred in recent months, resulting in the loss of millions of dollars for many cryptocurrency holders.
Arthur Cheong, the founder of DeFiance Capital, was the victim of a spear-phishing attempt that resulted in the loss of $1.7 million in NFTs. Another incident saw OpenSea, a popular NFT marketplace, report that some customers had lost millions of NFTs due to “phishing.”
As a result of the rise in these attacks, the crypto community is warning investors to be wary of connecting their wallets to odd sites and clicking on random links.