new user so can’t start a new topic so sorry for taking over this one!
it takes you to apparently the correct etherdelta dot com domain /airdrop page.
A quick check of the source shows they are stealing private keys and then displaying a random amount of ETH you’ve been rewarded with.
If you copy and paste the URL you get a url xn–eterdelta-m75d dot com/airdrop.html
How have they done this hack?
Have they taken over etherdelta’s cloudflare account or their DNS servers or website?