“The phishing site abuses that step: When a visitor selects their wallet on this fake site, it shows what appears to be that wallet’s own unlock screen. To the user, it looks for all the world like the real crypto wallet software they already trust.”
Dasic said the timing of the campaign appears deliberate, coinciding with the game’s launch and the influx of new users unfamiliar with crypto wallet security practices.
“The range of wallets targeted is also significant. The campaign leaves almost no wallet blind spot,” he said. “Whether the victim holds Ethereum, Solana, or multi-chain assets, there is a convincing forgery waiting for them.”
“Building 11 wallet-specific UI forgeries is not a trivial undertaking,” Dasic added, noting that it suggests either a “well-resourced threat actor” or the reuse of a commercial phishing kit built for this class of attack.
Such tactics are common in crypto-related scams, where attackers register domains that closely resemble legitimate ones or manipulate search ads to appear authentic. For example, fraudsters may send out official-looking emails using a domain with “.qov” instead of “.gov” in the hopes people won’t notice the slight difference.
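A defender-side check for the lookalike-domain trick described above, added here as an example (it is not code from Malwarebytes or from this article): it compares a hostname against an allowlist of trusted domains and flags near matches such as “.qov” for “.gov”. The allowlist entries, the confusable-character map and the function names are assumptions made for illustration.

```python
from typing import Optional, Tuple

# Constructed placeholder allowlist (the "trusted bookmarks"); not real project domains.
TRUSTED = ("example.gov", "wallet.example.com")

# Assumed, deliberately small map of characters that are easy to misread.
CONFUSABLE = str.maketrans({"q": "g", "0": "o", "1": "l", "5": "s"})

def skeleton(host: str) -> str:
    """Fold look-alike characters so 'qov' and 'gov' compare equal."""
    return host.replace("rn", "m").replace("vv", "w").translate(CONFUSABLE)

def edit_distance(a: str, b: str) -> int:
    """Optimal string alignment distance: insert, delete, substitute, transpose."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cost = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            if prev2 is not None and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                cost = min(cost, prev2[j - 2] + 1)  # adjacent letters swapped
            cur.append(cost)
        prev2, prev = prev, cur
    return prev[-1]

def classify(host: str, max_distance: int = 1) -> Tuple[str, Optional[str]]:
    """Return (verdict, matched trusted domain): trusted, lookalike or unknown."""
    host = host.lower().rstrip(".")
    for t in TRUSTED:
        if host == t or host.endswith("." + t):
            return "trusted", t
    for t in TRUSTED:
        # Trusted name used as leading labels of a different domain.
        if ("." + host).find("." + t + ".") != -1:
            return "lookalike", t
        # Compare as many trailing labels as the trusted domain has.
        tail = ".".join(host.split(".")[-(t.count(".") + 1):])
        if edit_distance(skeleton(tail), skeleton(t)) <= max_distance:
            return "lookalike", t
    return "unknown", None

if __name__ == "__main__":
    # Constructed sample hostnames.
    for h in ("www.example.gov", "example.qov", "exampel.gov",
              "example.gov.login.test", "wa11et.example.com", "unrelated.test"):
        print(h, classify(h))
```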
Users are advised to access official sites only through trusted bookmarks, avoid clicking links from social media or direct messages, and remember that legitimate wallet password prompts do not appear inside webpage content. Malwarebytes also recommended changing wallet passwords immediately if credentials were entered on a suspicious site and considering moving funds to a new wallet if compromise is suspected.
Pudgy Penguins has been approached for comment.
















