A blockchain analytic platform revealed that over $4 million worth of crypto tokens were stolen from unsuspecting users who were victims of phishing sites promoted via Google Ads. ScamSniffer noted that malicious adverts from phishing websites have increased in most Google Ads search queries in recent weeks.
Increase In Malicious URLs
According to ScamSniffer, a blockchain security analytic firm, malicious promotions in Google searches have increased in recent weeks. The platform explained that the URLs on the search engine led to fraudulent sites tricking users into authorizing wallet login requests, compromising their crypto wallet addresses. Furthermore, several decentralized finances (DeFi) protocols, like Lido, DefiLlama, and Zapper.fi, have been targeted by malicious entities.
The blockchain security firm disclosed that a slight change to a brand’s URL makes it difficult for users to know they have clicked on a link to a malicious site. An assessment of the metadata of the phishing websites shows that most of these advertisers are from Canada and Ukraine.
In addition, the users who placed the malicious links deployed various strategies to bypass Google ad approval processes. Some of their plans include altering the Google Click ID parameter allowing the advertisers to show a regular webpage for the Google ad review process.
Moreover, the attackers often use an anti-debugging method that redirects users to the original website. By integrating a developer tool, the site will then direct users to the malicious website through a direct click.
With this method, scammers can easily sidestep Google ads review mechanisms. ScamSniffer estimates that $4.16 million must have been stolen from more than 3,000 crypto users in the past month based on on-chain data analysis from the websites linked to the malicious addresses.
The anti-scam platform traced the on-chain movement of funds to various crypto exchanges and asset-mixing services like Binance, KuCoin, Tornado Cash, and SimpleSwap.
A Lucrative Venture
According to ScamSniffer, the cost of advertising crypto-related phishing addresses is high. It added that the average cost per click for related keywords on the search engine ranges from $1 to $2.
With an estimated conversion rate of 40% from about 7,500 users clicking on malicious ads, the attackers spend roughly $15,000 on advertising which in most cases brings a return of investments of almost 270% considering the over $4 million stolen.
The Russian cyber security company Kaspersky recently stated that there had been a 40% year-on-year increase in cases of crypto-related phishing attacks throughout last year. According to Kaspersky, over 5 million phishing attacks occurred in 2022 alone.
In another development, regulatory agencies in the United States are deepening their efforts in the crackdown on crypto-related crimes. With the high-profile arrests of Anatoly Legkodymov, CEO of Bitzlato, and recently Sam Bankman-Fried, former CEO of crypto exchange FTX, the US government is in an all-out war against crimes in the digital asset industry.
The Department of Justice (DoJ) is at the forefront of the fight against crypto crimes with a series of operations to trace and investigate cases of illegal financial activities involving individuals and companies (including crypto players) in the United States. Meanwhile, the DoJ is interested in tackling fraud cases, ransomware attacks, and other digital extortion schemes.
At Tokenhell, we help over 5,000 crypto companies amplify their content reach—and you can join them! For inquiries, reach out to us at info@tokenhell.com. Please remember, cryptocurrencies are highly volatile assets. Always conduct thorough research before making any investment decisions. Some content on this website, including posts under Crypto Cable, Sponsored Articles, and Press Releases, is provided by guest contributors or paid sponsors. The views expressed in these posts do not necessarily represent the opinions of Tokenhell. We are not responsible for the accuracy, quality, or reliability of any third-party content, advertisements, products, or banners featured on this site. For more details, please review our full terms and conditions / disclaimer.