Researchers at Malwarebytes Labs have identified a phishing campaign where attackers created a fake version of the Pudgy World site to steal crypto data.
The attack targeted users interacting with the Pudgy Penguins NFT ecosystem. The malicious site replicated the visual structure of the original platform, including its interface elements and navigation. The link was distributed through third-party channels, including social media and online advertisements.
According to analysts, the fake site prompted users to connect their crypto wallets and then requested sensitive information, including seed phrases and passwords. Users who entered this data lost control of their assets.
Read Also: