The crypto space is no stranger to malicious attacks, and Decentraland recently experienced a similar situation. The well-known Metaverse website is currently experiencing a phishing attack as malicious parties have replicated the website.
The elaborated scheme is curated to attack gullible users, gaining their mnemonics and secret keys. While the site is built to directly affect users on the Ethereum network, traders with FORTMATIC, METAMASK, and TRUST wallets are also at risk if they connect to the false website. The newly discovered attack naturally affected Decentraland’s market position, as users felt unsafe regarding the platform.
Recently Decentraland has attracted a lot of attention from big investors, with Microsoft pumping $69 million into the development of Decentraland’s open source project. According to this MANA forecast, the token’s investors have more than enough reason to be optimistic. Given the severity of the situation, Decentraland is expected to take quick and harsh actions on the website since the longer it stays up, the further it will affect Decentaland’s reliability.
The malicious attackers have built the website to Explore the LANDS they possess to see exquisite architecture and vistas. The website is strikingly similar to the original platform, stating it is taking users from a space adventure to a maze to entire towns developed from the community members’ imagination.
LAND is the NFT held within Ethereum smart contracts used in Decentraland’s traversable, finite, 3D virtual environment. The platform has divided the land into parcels with cartesian coordinates. The replicated website is also offering the same programs as the original one, so it is tricky to differentiate between the two.
Since the fake site encourages users to push their creativity using the Builder tool, it is easy to lose users’ account access and private keys. As soon as these parties access users’ wallets, they are bound to exploit any cryptocurrency within it. With the chances of getting these funds back are slim, users should be extremely cautious while logging in on the platform.