Several users of cryptocurrency data platforms like CoinGecko, EtherScan and Dextools were on Friday subject to a phishing attack. Complaints from multiple users alerted that popups appeared on the platforms asking to connect their Metamask wallets.

Following this, CoinGecko tweeted, “Security Alert: If you are on the CoinGecko website and you are being prompted by your Metamask to connect to this site, this is a SCAM. Don’t connect it. We are investigating the root cause of this issue.”

In a subsequent update, CoinGecko said the phishing attack was caused by a malicious ad script by Coinzilla. “The situation is caused by a malicious ad script by Coinzilla, a crypto ad network – we have disabled it now but there may be some delay due to CDN caching. We are monitoring the situation further. Do stay on alert and don’t connect your Metamask on CoinGecko.”

Etherscan, an analytics platform for Ethereum, tweeted, “We have received reports of phishing popups via a 3rd party integration and are currently investigating. Please be careful not to confirm any transactions that pop up on the website.”

Similarly, reacting to an alert to not sign any requests delivered to Metamask wallets, Dextools, a DeFi app, said it was disabling all ads until the situation is clarified by Coinzilla. “Please be aware and don’t sign suspicious requests at your wallet. DEXTools does not automatically request any permissions.”