BitcoinWarrior

News and Education

Over 8 billion yen worth of virtual currency stolen in Google’s fake advertising phishing scam

Phishing scam using false advertisements

Web3’s fraud prevention platform Scam Sniffer announced on the 21st that a type of malware called MS Drainer had stolen approximately 8.4 billion yen (nearly $58.98 million) from approximately 63,210 victims over the past nine months.

MS Drainer is a piece of malware called Wallet Drainer that is designed to create transactions that steal crypto assets (virtual currency) from wallets.

Scam Sniffer has detected approximately 10,072 phishing websites using MS Drainer from March to December. It was especially active in May, June, and November.

It takes the form of a phishing scam disguised as an advertisement on the web, and even when Internet users think they have clicked on an advertisement for an official blockchain project, they are actually redirected to a fake site.

For example, scammers created fraudulent versions of popular platforms such as Zapper, Lido, DefiLlama, and Radient and used Google’s advertising system to direct victims to fake sites. These fraudulent advertising links have also been observed on the X platform.

It also uses redirect technology, which makes the URL in the ad appear to be from an official domain, but actually redirects you to a phishing site.

It also used geo-targeting and frequently switched landing pages to evade Google’s ad audit system.

Many phishing scams target virtual currency users. Most recently, in September, 3.6 billion yen worth of Ethereum (ETH) was stolen in a single phishing scam. This was one of the largest losses ever for a single virtual currency scam.

connection: Ethereum worth 3.6 billion yen was stolen by phishing scam, the largest single loss ever

What is a phishing scam?

A cyber crime that deceives users by redirecting them to fake sites and stealing authentication information and personal information.

â–¶Virtual currency glossary

400 million yen stolen on Christmas day

On Christmas Day, the 25th, Scam Sniffer used a technique that transferred people from Google ads to fraudulent sites, and in 24 hours, it collected approximately 430 million yen in wrapped Bitcoin (wBTC), Aave USDC (aUSDC), USDT, and others. ($3 million) worth of virtual currency was reported stolen.

He continued that it’s important for users to always be suspicious of advertisements and to carefully check if they receive a signature request to make sure it’s not a phishing scam. Advertising platforms also need to strengthen their verification processes.

What is “address poisoning”?

People are also calling attention to “address poisoning,” a new method of fraud.

This involves sending small amounts of money to the victim’s wallet from a fake address similar to the recipient address to which the victim previously sent money, leaving a transaction history. The target is for the victim to mistakenly identify the address as a real address, select a fake address from her transaction history, and send money.

connection: Metamask warns of new scam “address poisoning”

CoinPost Special feature for virtual currency beginners

The post Over 8 billion yen worth of virtual currency stolen in Google’s fake advertising phishing scam appeared first on Our Bitcoin News.