• 34ºc, Sunny

Scam Sniffer: Detected URL redirect attack against Pudgy Penguins users

On December 25th, Scam Sniffer issued a security alert. Users reported that visiting a Singapore news portal would be redirected to the fake URL of Pudgy Penguins. After investigation, it was revealed that this was part of a larger malicious advertising campaign. The principle of the attack is as follows: The malicious ads are served through the Google Ad Network; the ads load suspicious code from Adloox; the code checks if you have a web3 wallet; and if detected, redirects to the fake website of Pudgy Penguins. The current attack is only targeting Pudgy Penguins users, but this approach could easily be applied to other projects, reminding users to check URLs carefully. Precautions: Enable ad blockers; use a separate browser for encryption activities; double check URLs before connecting to wallets; install browser security extensions.