Sunday, December 22 2024

MS Drainer Hackers Thwart AdSense Safeguards, Steal Nearly $59 Million

🚨1/ Alert: A ‘Wallet Drainer’ has been linked to phishing campaigns on Google search and X ads, draining approximately M from over 63K victims in 9 months. — Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) December 21, 2023

Topics:
Cristian Lipciuc considers the following as important: , , , ,

Wallet drainers are a type of scam that generally operates by cloning a legitimate website, fooling the target into providing their crypto wallet credentials, and then executing a smart contract that sends the users’ funds to bad actors.

Unlike targeted attacks on exchanges, which would involve actually breaching the security of said sites, drainer scams target either the community of a platform or whales whose internet presence has been tracked down.

Different Monetization Scheme

Generally, a portion of the funds is rerouted directly to the hacker who created the software. This provision is encoded into the smart contract that drains the wallet, so that the attacker using the tool cannot back out of the split. No honor among thieves, as they say.

Late last month, Inferno Drainer, a similar tool, shut down after stealing an even larger amount over a period of several months. Both platforms had begun operating during the spring.

However, MS Drainer differs in how it is monetized, selling access to the software for the price of $1,499. Further add-ons to the software can be purchased for an extra couple hundred bucks. If a malicious Blur signature is also requested, it will cost the purchaser another thousand dollars.

Flouting Ad Safety Measures

Although Google checks advertisements submitted to AdSense to prevent scams, illegal products, and so on from being shown to users, these processes are largely automated and thus can be thwarted by those who know their way around these systems. In this case, it seems that region switching was used to avoid detection and slow down any investigations that may have been underway.

Malicious ads have been displayed on X as well ever since the social media network started outsourcing ad space to Google. Zapper, Lido, Defillama, Radiant, and Stargate were all cloned and used in these attacks.

“In a recent sampling test of ads in X’s feeds, nearly 60% of the phishing ads were found to be using them. At the same time, these phishing ads also used redirect deception techniques to make the phishing ads more credible. For example, making the ad appear to be from an official domain, but in reality, the final destination is a phishing site. You might think you clicked on an ad for the official StarkNet website, but you actually entered a phishing site.”

In some cases, not even checking the URL would help, as the ad shown to users displayed the correct link before switching to a misspelled one later on.
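The mismatch between the domain an ad displays and the site it finally lands on, including the case where the link changes later or by region, can be checked mechanically when the same ad is fetched more than once. The following is an added example, not code from the article or from Scam Sniffer; the `.example` domains, the region labels and the `audit_ad` helper are constructed for illustration, and the registrable domain is approximated by the last two host labels.

```python
from urllib.parse import urlsplit

def site(url):
    """Registrable domain, approximated as the last two host labels
    (assumption: a production checker would use the Public Suffix List)."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    return ".".join(host.split(".")[-2:])

def edit_distance(a, b):
    """Levenshtein distance, used to spot one- or two-character misspellings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def audit_ad(display_url, observations):
    """observations: list of (label, redirect_chain), one per region or fetch time.
    Returns (verdict, findings)."""
    shown = site(display_url)
    findings = []
    for label, chain in observations:
        final = site(chain[-1])          # where the click actually ends up
        if final == shown:
            continue
        kind = "lookalike" if edit_distance(final, shown) <= 2 else "mismatch"
        findings.append((label, kind, final))
    if not findings:
        return "consistent", findings
    # Some fetches land on the displayed site and others do not:
    # the ad serves different destinations depending on viewer or time.
    cloaked = len(findings) < len(observations)
    return ("cloaked" if cloaked else "deceptive"), findings

# Constructed sample data on the reserved .example TLD.
DISPLAY = "https://app.official-swap.example/"
CLICK = "https://ads.tracker.example/c?id=1"
OBSERVATIONS = [
    ("region-A, day 1", [CLICK, "https://app.official-swap.example/"]),
    ("region-B, day 1", [CLICK, "https://app.offical-swap.example/claim"]),
    ("region-A, day 3", [CLICK, "https://airdrop.rewards-hub.example/"]),
]

if __name__ == "__main__":
    verdict, findings = audit_ad(DISPLAY, OBSERVATIONS)
    print(verdict, *findings, sep="\n")
```

A single clean fetch returns "consistent", which is why the check has to be repeated across regions and over time before an ad is treated as safe.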

In total, nearly $59 million has been stolen from over 63 thousand victims using this software.

Unlike the Inferno team, the malware provider behind this tool has no intention of shutting down anytime soon.
