According to PANews, security team Scam Sniffer has issued a warning to users about scams conducted through fake websites. Recently, a user was directed to a counterfeit @pudgypenguins site via a news portal in Singapore. Investigations revealed this to be part of a large-scale malicious advertising campaign. The attack involves malicious ads distributed through the Google ad network, which load suspicious code from Adloox. This code checks if users have a Web3 wallet, and if detected, redirects them to the fake site pudqypenguin[.]com. Currently, the primary targets are @pudgypenguins users, but this method could easily be adapted for other projects.
Users are advised to take the following precautions: enable ad blockers, use a separate browser for accessing cryptocurrency-related sites, verify URLs three times before connecting wallets, and install the ScamSniffer plugin.