Crypto websites Etherscan, CoinGecko, DeFi Pulse and others reported incidents where a malicious pop-up window prompted users to connect their MetaMask wallets.
The phishing attack appears to originate from a domain bearing the Bored Ape Yacht Club logo. At press time, the site appeared to have already been taken down.
"We are investigating the cause of this attack to fix it as soon as possible," CoinGecko founder Bobby Ong told CoinDesk in a Telegram message.
"The situation is most likely caused by a malicious ad script from Coinzilla, a crypto ad network - we have now disabled it," Ong said. "We continue to monitor the situation."
In a tweet, Etherscan asked users to "not confirm any transactions" that appeared on its website.