Security researchers have discovered a new series of “crypto drainer” malware attacks that have stolen $59 million from victims so far, after luring them to phishing pages via Google and X (formerly Twitter) advertisements.
A crypto drainer is a type of malware that tricks the user into approving a transaction that then automatically drains their cryptocurrency wallets. Scam Sniffer revealed that a particular variant, MS Drainer, was behind the new wave of attacks.
Victims are lured to phishing pages hosting the malware by clicking on Google and X ads that are linked to keywords from the DeFi world, such as Zapper, Lido, Stargate, Defillama, Orbiter Finance and Radiant, the company said.
These malicious advertisements were first detected in March and used various techniques to bypass ad audits, such as targeting only specific regions and using “diversion fraud” to bring users to phishing sites.
Scam Sniffer said that since March it has observed around 10,000 phishing sites using drainers, and claimed that 60% of the phishing advertisements on X take users to malware that is designed to steal their virtual currency.
MS Drainer in particular has stolen $59 million from 63,210 victims over the past nine months, it said.
Scam Sniffer found the drainer for sale on a dark web forum. In contrast to other similar malware that is fully managed, whereby developers charge a fee of 20%, MS Drainer’s managers sell the source code directly to all-comers.
The security vendor urged internet users to stay careful when dealing with online advertisements and called on the advertising industry to up its game.
“As can be seen, advertising has become an important means of phishing to reach their victims. By focusing on specific target groups via Google search terms and the next base of X, they can select specific goals and constantly launch phishing campaigns at very low costs,” it concluded.
“Combined with the use of domain spoofing and bypassing advertisements, users are confronted with continuous phishing threats. Ad platforms must improve their verification processes to prevent malignant actors from operating their services.”