DeFi Llama warns against malicious link spoofing its service

Source Cryptopolitan

DeFi Llama is the latest victim of a spoofing link. The data service warns against using top links from Google, as malicious activity has been noticed. 

DeFi Llama warned against using Google to search for Llama Swap. The search yielded an advertising site as the top sponsored result, which remained live for more than two hours.

The website is not the native DEX on DeFi Llama, and will instead contain malicious links. The site has been reported to Google, but remained live for a while after DeFi Llama’s signal. The DeFi Llama Swap contracts have not been compromised, and there are no additional risk to users.

https://twitter.com/DefiLlama/status/1856288177608159679 

DeFi Llama Swap aims to be a zero-fee service, seeking the most efficient route among multiple aggregators. The swap service is targeting Ethereum and L2 tokens, and is not compatible with Solana wallets. DeFi Llama itself is a passive data service that does not require a wallet connection. 

Even with a malicious link, some wallets should warn about the discrepancy through internal checks, and prevent any transactions or permissions. Using sponsored content on Google is a relatively old way to serve fake links and attempt to drain wallets. 

Google ads have targeted crypto projects, especially during bull runs when mainstream enthusiasm for crypto is rising. The ad arrived after a slight uptick in ‘DeFi’ search terms on Google. 

The Defi Llama Swap spoof site was identical to the original, with the exception of the URL. The faked site was flagged for suspicious activity, but contains no malware. The risk comes from the voluntary decision of the user to connect a wallet and attempt a swap. 

DeFi Llama notified of a spoof link, which showed a suspicious URL.
DeFi Llama notified of a spoof link, which showed a suspicious URL. | Source: URL Analysis

DeFi Llama advises to reach the URL from its main data service page, and then make sure it is the same tab and connection. Similar search results remain a risk for other DEX and services. Any unofficial links requiring a wallet connection have the potential to send out transactions and drain wallets. As long as the user does not sign approvals or issue transactions, the link itself was not dangerous.

Phishing link scams accelerate, become more sophisticated

In addition to social media or chats, malicious calls to sign a transaction have also come from Lottie Player, a Wordpress tool for animations and popups. Other recent reports reveal wallets may be attacked by malware posing as a Zoom link. Similar links have been posted for MetaMask and other often-used crypto services. 

Phishing scams are a relatively minor part of overall crypto losses. However, they are some of the most damaging, as they attack personal holdings and wealth. In October, scams and project attacks accelerated, to more than 46 events based on Certik’s reporting. Phishing scams are an additional risk of loss, and may affect both end users and platforms. 

Estimates put phishing scams at around $20M in October, extending the trend in the new month. This type of scam was happening the most often. The attempts to drain wallets reawakened in September, after a few slow months. 

Targeting personal wallets is happening during NFT and meme token booms, where multiple crypto events may require a wallet connection. The hackers make use of lowered attention and hide behind legitimate services or spoofed links. On social media, malicious links are also contained in promises for fund recovery, often attempting to ask for a wallet’s private keys.

On-chain data shows up to 493 ETH stolen in September, the highest level for 14 weeks in a row. Scams are not happening regularly, and may hinge on campaigns and clustered attempts. Usually, a handful of wallets will spawn an attack in a short time frame. Similar to malicious links, poisoned addresses are also targeted operations, working fast within days to hit as many victims as possible. 

More than 90% of phishing scam victims are users of the Ethereum network. Most wallet attacks are phishing, with under 10% linked to poisoned addresses.

Disclaimer: For information purposes only. Past performance is not indicative of future results.
placeholder
Gold sinks as risk appetite improves on Trump-Powell calm, China tariff relief hopesGold prices plunged more than 2.50% on Wednesday as risk appetite improved due to a possible de-escalation of US-China tensions and US President Donald Trump's statement that he doesn’t plan to fire Federal Reserve (Fed) Chair Jerome Powell.
Author  FXStreet
Yesterday 01: 32
Gold prices plunged more than 2.50% on Wednesday as risk appetite improved due to a possible de-escalation of US-China tensions and US President Donald Trump's statement that he doesn’t plan to fire Federal Reserve (Fed) Chair Jerome Powell.
placeholder
Bitcoin Price Stabilizes After Surge — Is It Gearing Up for Another Leg Up?Bitcoin price is moving higher above the $93,200 zone. BTC is consolidating gains and might continue higher above the $94,000 zone in the near term.
Author  NewsBTC
Yesterday 03: 22
Bitcoin price is moving higher above the $93,200 zone. BTC is consolidating gains and might continue higher above the $94,000 zone in the near term.
placeholder
Gold price bulls could regain control amid fading US-China trade deal optimismGold price (XAU/USD) attracts fresh buyers during the Asian session on Thursday, reversing the previous day's heavy losses and snapping a two-day losing streak to the $3,260 area or the weekly low.
Author  FXStreet
22 hours ago
Gold price (XAU/USD) attracts fresh buyers during the Asian session on Thursday, reversing the previous day's heavy losses and snapping a two-day losing streak to the $3,260 area or the weekly low.
placeholder
Forex Today: Easing geopolitical tensions support USD ahead of mid-tier dataThe US Dollar (USD) stays resilient against its peers early Thursday after posting gains for two consecutive days.
Author  FXStreet
20 hours ago
The US Dollar (USD) stays resilient against its peers early Thursday after posting gains for two consecutive days.
placeholder
Gold price snaps selling off after fresh Trump comments on tariffsGold price (XAU/USD) is turning positive, recovering above the $$3,300 level at the time of writing on Thursday after two days of firm selling pressure since it topped at $3,500 on Tuesday.
Author  FXStreet
18 hours ago
Gold price (XAU/USD) is turning positive, recovering above the $$3,300 level at the time of writing on Thursday after two days of firm selling pressure since it topped at $3,500 on Tuesday.
goTop
quote