Tuesday, December 7

They steal USD 500 thousand in cryptocurrencies with malicious ads in Google Ads


Advertisements that appear in the Google search list seem to be the new niche for scammers. A recent study determined that just last weekend, nearly $ 500,000 was stolen through ads on Google Ads.

The study, published This November 4, the IT security firm, Check Point, followed up on the most recent scams that operated under this modality.

According to the research, the ads pretended to be promotions from genuine cryptocurrency platforms such as MetaMask, Pancake Swap or Phantom to steal information from wallets.

This type of scam is known as «phishing«. Its operation is to recreate or emulate the interface of a web portal, or in this case of a wallet, so that the user believes that he is using the real wallet. The fake app will ask you to enter the recovery seed to start, this being the moment when the scammers transfer the funds.

To capture the greatest number of victims, scammers have been bidding to rank first in searches for fairly specific keywords, as is the case with “Metamask” or “PancakeSwap”.

The Check Point study determined that a total of 11 wallets were compromised in this type of scam, just last weekend. Each of the portfolios had balances between $ 1,000 and $ 10,000. According to estimates made, the company considers that the total amount of funds stolen using Google Ads could exceed USD 500 thousand.

Check Point shared some screenshots of the malicious ads found.
Source: Check Point.

In a matter of days, we witnessed the theft of hundreds of thousands of dollars in cryptocurrencies. We estimate that over $ 500k was stolen this past weekend alone. I think we are at the advent of a new cyber crime trend, where scammers will use Google search as a primary attack vector to target cryptocurrency wallets, rather than traditional phishing via email.

Oded Vanunu, Head of Research at Check Point.

Google and its policy against bitcoin and cryptocurrency ads

In 2018 Google unveiled its new ad policies, where any keyword (keyword) related to bitcoin or cryptocurrencies, could not be advertised within the search engine.

In August of this year, said cryptocurrency “anti-advertising” policy was revoked, as reported by CriptoNoticias. However, it established a series of limitations for advertisers when publishing, such as that of apply for a kind of “advertising license.”

While these ad policies exist, scammers have found a way to bypass the restrictions and run crypto-related ads. In this case, publishing on related keywords such as “wallet” and not directly on bitcoin or any other crypto asset.

Security Recommendations

The investigation concludes by giving stakeholders some safety tips to protect themselves from scams of this nature.

The first of these recommendations is to verify the authenticity of URLs. In the case of MetaMask, which acts as a browser extension, it recommends making a verification that the original app is actually being used.

Other basic tips are not to share the recovery seed, since this is the only real backup that a user can have on their funds. As well as not using ad links. In this case, it is advisable to select the link that shows the Google search list, ignoring the results shown as ads (ads).



www.criptonoticias.com