Heimdal™ Security SOC Team Discovers Typosquatting Domain Masquerading as Crypto-Swapping Platform

’s Security team has recently unearthed a new typosquatting domain specifically crafted to resemble Trader Joe XYZ’s URL, one of the most sought-after trading platforms. Tricked by a typo in the spelling of the crypto-swapping platform’s URL, users would send their MetaMask wallets to an unknown party or parties that would ultimately despoil their contents.

Misspelled URL puts Thousands of Traders at Risk

Earlier today, Heimdal™ reported that a Trader Joe XYZ lookalike site was identified. The domain, associated with the 68.65.123.18 and tracked via ARIN to soil, contained the misspelled world “trader” (i.e. tradrjoexyz.com instead of the legitimate traderjoexyz.com). Additional metrics provided by a VirusTotal query suggest that the typosquatting domain has had numerous associations with other (potentially) harmful .

Heimdal™ cautions all users to pay extra attention when typing in , especially when it comes to electronic instruments such as Trader Joe XYZ. It seems very likely that this isn’t the first time the platform was assaulted by typosquatters. A closer look at the website’s landing page reveals a cautionary message: “Always make sure the URL is www.traderjoexyz.com

Read More: https://heimdalsecurity.com/blog/heimdal-typosquatting-domain/