- Phishing campaigns are carried out through Google Ads.
- Hackers have stolen close to $500,000 in funds.
- Hackers have been promoting fake wallets such as Phantom or Metamask.
Promoting cryptocurrency products through social platforms is a two-way street. Hackers are taking advantage of those inexperienced in digital norms and siphoning funds worth thousands of dollars after gaining access to users’ private keys.
Google, the hacker’s middleman
Google instituted a ban on cryptocurrency ads in 2018 to prevent users from being scammed. However, in 2021 Google announced it would allow crypto wallets to run ads on the platform.
Sponsored
With Google offering access only to wallets, hackers have found a new way to extract users’ funds. A report by Check Point Research highlights that hackers are running paid advertising and creating fake wallet look-alikes to obtain users’ private keys and exploit their wallets.
Attackers create paid advertisements for popular wallets, including MetaMask and Phantom. However, the domain URL name has an unnoticeable difference. Instead of the original “phantom.app,” hackers use “phantonn.app” which makes it very similar to the original. Moreover, the website is a 1 to 1 replica of the original wallet, but security is not guaranteed.
On The Flipside
- Google will not change their policy because they are generating additional revenue as keyword bids are increasing.
According to CPR, hackers have managed to subtract at least $500,000 using the paid advertising method in the past couple of days. More worrying is that hacking groups will try to leverage Google’s crypto wallet’s permission and increase their bids for keyword placements as more reports on Reddit and Twitter address wallet phishing issues.
CPR advises users to check the wallet’s URL before clicking on the ad, as hacking methods have proven to be an effective way to steal usersโ funds In addition, the group has also identified phishing activities directing users to fake decentralized exchanges such as Pancakeswap or Uniswap where their private keys are revealed to bad actors.
Why You Should Care?
The hacking method is critical, especially for newcomers in the crypto space, who don’t have the necessary technical understanding to spot problems in the promoted URLs.