The exploit reportedly prompts users to connect their wallets via a pop-up, triggering a token drainer.