Scam Alert: Fake PENGU Website Discovered As The Token Surges

• A user reported being redirected to a fake Pudgy Penguins website via a Singapore news portal.
• Investigation revealed the fake website was part of a larger hostile advertising campaign.
• Scam Sniffer lists various things like using ad blockers to protect against these attacks. 

Pudgy Penguins’ meme coin PENGU, which was released on the 17th of December, has grown by 609.45%, reaching a price of $0.03547. This impressive growth attracted the attention of individuals with malicious intent trying to exploit the hype. According to Scam Sniffer, a Web3 anti-scam solution, a user reported a fake pudgy penguin website redirected through a Singapore news portal. 

A user browsing a Singapore news portal was redirected to a fake pudgy penguin website and later reported it. The fake website, looking similar to the official Pudgy Penguins website in some ways, was mainly designed to scam investors using the PENGU token. It prompted investors to link their ETH or SOL wallet under the pretense of checking their claim eligibility for PENGU. The goal behind the fake website might be to steal wallet credentials, private keys, or funds.   

Based on the report, experts conducted an investigation, which later revealed that this was part of a larger malicious advertising campaign. The attack works as follows: hackers first leverage the Google Ad Network to distribute malicious advertisements. They will appear legitimate and will show up on various trusted websites. Once the ad is displayed on the screen, it automatically loads a JavaScript code from adlooxtracking. This domain is used as part of the malicious infrastructure. 

The code will check whether the user has a Web3 wallet installed on the browser, and if the wallet is detected, the user will be redirected to a fake Pudgy Penguins website. Although the website currently only targets Pudgy Penguins users, the same method could be easily implemented for other projects as well. Experts caution to check the website URL carefully in such scenarios. The URL of the fake website is pudqypenguin.com, which is different from the official website URL. 

Scam Sniffer has listed various methods to protect against these kinds of attacks. He suggests enabling ad blocker, using a separate browser for crypto, triple-checking URLs before connecting the wallet, and lastly, installing the ScamSniffer extension. 

The rise of the PENGU token has made it a target for cybercriminals to exploit unsuspecting users. This incident serves as a stark reminder to remain vigilant in the Web3 space.

The post Scam Alert: Fake PENGU Website Discovered As The Token Surges appeared first on CryptoTale.