Rogue $58M Crypto Hack on Google Search and Social Media
Web3 anti-scam platform Scam Sniffer has pointed to a hacker operating phishing campaigns on Google and social media which has taken millions in crypto from victims.
“A ‘Wallet Drainer’ has been linked to phishing campaigns on Google search and X ads, draining approximately $58M from over 63K victims in 9 months,” the post stated.
Sophisticated Methods Employed by Hacker in Crypto Theft
In a series of posts on X (formerly Twitter), Scam Sniffer outlined its interpretation of how the scam leading to millions of lost crypto went down, which they first spotted in March.
‘We first detected them in March, and the Slow Mist Team shared their trails with us in early April. Then at the end of April, we spotted them again in Google search ad phishing.”
Extract from Scam Sniffer X Thread. Source: Scam Sniffer
However, the anti-scam platform provided additional details. It highlights that ZachXBT, a notable blockchain investigator, recently disclosed nine phishing ads on X. Over half of these ads were traced back to a common wallet drainer.
“A recent test of X’s ad in the feed showed that 9 were phishing ads, with over 60% using this wallet drainer,” the post further stated.
It explained that the hackers used regional targeting and page-switching tactics to bypass ad audits. This reportedly adds complexity to the review process, enabling the approval of malicious ads.
Furthermore, it notes that phishing ads employ redirect tricks to seem legit. Similar to disguising links as official domains that actually lead to phishing sites.
Read more: What Is a Rug Pull? A Guide to the Web3 Scam
Crypto Hacker Activity Surges in Recent Period
In recent times, there has been a surge in reports of sophisticated crypto scams.
On December 16, BeInCrypto reported that peer-to-peer trading platform NFT Trader fell victim to a sophisticated hack. This resulted in the theft of millions of dollars worth of high-value Non-Fungible Tokens (NFTs).
The NFT platform confirmed the attack, revealing that “old smart contracts” were the hackers’ entry point.
However, the company advised users to revoke any permissions previously granted to these smart contracts.
Additionally, the main attacker left a public message on the blockchain.
He blamed another user for the NFT exploit and claimed the attack was to “pick up leftover trash.” Meanwhile, the hacker even proposed returning the tokens for a ransom – 3 ETH per Bored Ape and 0.6 ETH per Mutant Ape.
Read more: Crypto Social Media Scams: How to Stay Safe