With a new wave of investors investing in memecoins, scammers are already starting to target wallets.
One of the memecoin projects that attracted a lot of attention in late 2024 was Pudgy Penguins (PENGU), already listed on major cryptocurrency exchanges such as Binance, OKX and others.
With great attention and an appreciation of more than 600% since its launch on December 17, the project has now entered the sights of scammers.
Memecoin investors have already started reporting problematic cases that put their portfolios at risk. And to make even faster profits, scammers may even be using sponsored ads on social media.
Fake website asks users to connect their wallets to earn PENGU, but investigators warn of risks
In an urgent alert to the market, the security company profile “Scam Sniffer | Web3 Anti-Scam” said it received a communication from an investor about a new scam in progress.
According to the analysis, through advertisements on websites, with Google's advertising mechanism, users are taken to a website that claims to be related to the PENGU project.
“A user reported being redirected to a fake @pudgypenguins website via a Singapore news portal. Our investigation revealed that this is part of a larger malicious advertising campaign.”
According to investigators, the attack is carried out through malicious ads served by Google AD. Furthermore, the ads carry suspicious code from Adloox.
The code can now verify whether users have a Web3 wallet, connected to the Solana or Ethereum networks. If a user caught by the algorithm has a token wallet, they are redirected to a fake Pudgy Penguin project website.
While urging users to be careful about which sites they access with their wallets, investigators urged caution when accessing any suspicious sites. However, despite the initial focus of the scammers being related to the PENGU memecoin, similar sites may emerge with the same format to target investors in other projects.
Among the team's security tips is the need to use a specific browser to navigate the cryptocurrency market, in addition to checking the website accessed to ensure that you will not be another victim of scams.
Sites phishing
Cryptocurrency-related phishing sites are fraudulent platforms designed to deceive investors and users, often by pretending to be legitimate exchanges, digital wallets or marketplace services.
Such sites capture sensitive information such as private keys, login credentials or financial details, allowing criminals to steal funds and personal data.
The situation is made worse by the irreversible nature of blockchain transactions, which makes it impossible to recover cryptocurrencies transferred to malicious addresses.
Security requires extra attention, such as checking URLs, avoiding suspicious links, and only trusting official platforms for transactions and inquiries.