How Scammers Exploited Google and Twitter Ads to Siphon $58M
- ScamSniffer revealed a Wallet Drainer exploit has been leveraging 𝕏 ads to scam users.
- The security firm shared that the exploit has been going on for months.
- Read how you can stay safe from this exploit.
The crypto industry remains a prime target for scammers and hackers seeking unsuspecting victims . Evolving their tactics regularly, their methods take new and sophisticated forms, rendering previous precautious obsolete.
Keeping in line with this trend, reports have now surfaced of a new ‘Wallet Drainer’ exploit that used Google searches and 𝕏 (Formerly Twitter) ads to successfully steal millions over nine months, hitting over 60,000 victims to date.
Hacker Bypass Google and X Systems
On Thursday, ScamSniffer , a prominent Web3 security platform, announced on 𝕏 that a Wallet Drainer malware has been on the loose for over nine months, siphoning off over $58 million from 63,000 victims.
Initially detected in March, ScamSniffer linked the malware to multiple phishing campaigns and 𝕏 ads, taking multiple forms, including ‘Ordinals Bubbles.’ The security firm shared that scammers employed regional targeting and page-switching tactics to evade ad audits and make it harder for Google and 𝕏 to catch on to their malicious ads.
ScamSniffer reported that over 10,000 sites were associated with the same wallet drainer, with peak activity observed in May, June, and November.
Given the increasing complexity of scams, it has become crucial for users to establish necessary precautions and exercise better vigilance.
How to Stay Safe From Ad Scams
While scammers may have bypassed Google and 𝕏’s review process, a trained eye can readily identify and filter them out. Here are some tips that can significantly enhance your safety against potential hacks:
- Look for inconsistencies. Most scams barely put any effort into their ads.
- If it’s too good to be true, it’s probably not true.
- Protect your recovery phrase by keeping it somewhere private.
- Double-check links, websites, and emails. Refrain from clicking any link unless it’s from a verified source. If the verified source has been compromised, take up the issue with other users and look for warnings and red flags.
- Verify and scan all addresses, such as contract, sender, and others, before doing anything permanent.
- Report any suspicious activity to the concerned departments as soon as possible.
- Set up additional security layers, such as two-factor authentication.
- Always do your research.
On the Flipside
- Overall, crypto hack losses have fallen by 50% compared to 2022.
- Tether implemented a wallet-freezing policy enabling the freezing of USDT obtained through illicit means. The stablecoin issuer has recently applied this policy to freeze USDT acquired by the Ledger hackers.
Why This Matters
While 𝕏 and Google have upped the ante on crypto ads and scams, malicious actors are still finding ways to bypass their radars, targetting unaware victims. Today, advertising has become a key tool for scammers to target victims cost-effectively. It’s critical for ad platforms to strengthen checks and for users to approach ads with caution.
Find out why Charles Hoskinson isn’t interested in partnerships with XRP:
Cardano Founder Stands Firm Against Partnerships with XRP Read how Messari stirred drama by cutting Cardano from its report:
Messari Report Irks Cardano Execs over Chain’s Omission
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
SingularityNET partners with Mina for privacy-focused decentralized AI
Huge ‘screw-up’ — Pump Science apologizes after flood of fraud tokens
Crypto hackers steal $71M in November, bringing yearly total to $1.48B
Non-USD stablecoins can spur adoption: Report