Phishing For Private Wallet Keys On Google Ads

Hackers are taking advantage of those inexperienced in digital norms and siphoning funds worth thousands of dollars after gaining access to users’ private keys.

by .
Published:
Google News Follow Button
  • Phishing campaigns are carried out through Google Ads.
  • Hackers have stolen close to $500,000 in funds.
  • Hackers have been promoting fake wallets such as Phantom or Metamask.

Promoting cryptocurrency products through social platforms is a two-way street. Hackers are taking advantage of those inexperienced in digital norms and siphoning funds worth thousands of dollars after gaining access to users’ private keys.

Google, the hacker’s middleman

Google instituted a ban on cryptocurrency ads in 2018 to prevent users from being scammed. However, in 2021 Google announced it would allow crypto wallets to run ads on the platform.

With Google offering access only to wallets, hackers have found a new way to extract users’ funds. A report by Check Point Research highlights that hackers are running paid advertising and creating fake wallet look-alikes to obtain users’ private keys and exploit their wallets.

Sponsored

Attackers create paid advertisements for popular wallets, including MetaMask and Phantom. However, the domain URL name has an unnoticeable difference. Instead of the original “phantom.app,” hackers use “phantonn.app” which makes it very similar to the original. Moreover, the website is a 1 to 1 replica of the original wallet, but security is not guaranteed.

On The Flipside

  • Google will not change their policy because they are generating additional revenue as keyword bids are increasing.

According to CPR, hackers have managed to subtract at least $500,000 using the paid advertising method in the past couple of days. More worrying is that hacking groups will try to leverage Google’s crypto wallet’s permission and increase their bids for keyword placements as more reports on Reddit and Twitter address wallet phishing issues.

CPR advises users to check the wallet’s URL before clicking on the ad, as hacking methods have proven to be an effective way to steal users’ funds In addition, the group has also identified phishing activities directing users to fake decentralized exchanges such as Pancakeswap or Uniswap where their private keys are revealed to bad actors.

Why You Should Care?

The hacking method is critical, especially for newcomers in the crypto space, who don’t have the necessary technical understanding to spot problems in the promoted URLs.

Sponsored

DailyCoin Newsletter

The hottest crypto news, straight to your inbox!

newsletter icon

Get a daily dose of crypto stories in a quick read with a tongue-in-cheek twist! Suitable for everyone, from crypto newbs to battle-tested veterans.

      You can easily unsubscribe at any time. Spoiler Alert: You won’t want to!

      This article is for information purposes only and should not be considered trading or investment advice. Nothing herein shall be construed as financial, legal, or tax advice. Trading forex, cryptocurrencies, and CFDs pose a considerable risk of loss.

      Tags
      Author
      Vlad Hatze
      Vlad Hatze

      Social media fanatic and cryptocurrency enthusiast with a 10x mindset. working with ICO’s and upcoming blockchain project. Worked with ICO’s before the first cryptocurrency boom in 2017 and still HODL-ing. Creative content writer with a passion for electronic music, Instagram and cryptocurrencies