Hackers take advantage of Google Ads to steal $ 4 million in cryptocurrency

According to CoinTelegraph, hackers stole $4 million worth of crypto by promoting fraudulent websites using Google Ads.

ScamSniffer, a company that provides Web3 anti-phishing services, says ads from phishing sites are common on Google. login signature When the user clicks on the ad, they will be asked to enter a digital wallet.

A number of decentralized finance (DeFi) protocols, websites, and platforms such as Zapper.fi, Lido, Stargate, DefiLlama, Orbiter Finance, and Radiant have been targeted by scammers. Small changes to the official URL make it difficult for users to determine that they have clicked on malicious links.

An analysis shows that these phishing sites are linked to advertisers in Ukraine and Canada. Bad guys used several methods to bypass Google’s ad review process. This includes manipulating the Google Click ID parameter, allowing hackers to create a normal web page when users view Google Ads

Malicious ads use anti-debug methods to redirect users with developer tools enabled to a normal web page that takes one click away. to a malicious website, which helps the bad guys bypass the Google Ads review system.

According to ScamSniffer’s database, hackers stole $4.16 million from 3,000 users in April. The anti-phishing service has tracked on-chain flows to various trading platforms, like SimpleSwap, Tornado Cash, KuCoin and Binance.

ScamSniffer thinks the cost of promoting cryptocurrency-related scam sites can be lucrative. The average cost-per-click for linked keywords ranges from $1 – $2.

An estimated 40% conversion rate from 7,500 users clicking on the malicious ad, the bad guys spent around $15,000 on the ad, yielding a 276% return on investments.

A report from Russia’s Kaspersky has highlighted that the number of crypto-phishing attacks as of 2022 is up 40% year-on-year with more than 5 million identified scams

Related posts

Be wary of SteelFox malware attacking Windows using a copyright-cracking tool

Lazarus exploits zero-day vulnerability in Chrome to steal cryptocurrency

Detect fake survey emails to install Linux malware on Windows systems