Scammers use ‘wallet drainer’ on Google, X ads to steal $60 million in crypto: What is it

Over the past year, cybercriminals have been using phishing scams to steal millions of dollars worth of crypto assets through malicious ads on popular platforms like Google and X. Researchers at the cybersecurity firm Scam Sniffer have discovered that scammers are using ‘wallet drainers’ to steal crypto assets. One of these drainers, in particular, has been used extensively in phishing ads.
In a blog post, the company says that this drainer was first discovered in Google search ad phishing. Later, it was found in a set of X phishing ads shared by ZachXBT. In a recent sampling test of ads in X’s feeds, the company found that nearly 60% of the phishing ads were using this particular drainer.
From March to December, Scam Sniffer monitored about 10,072 phishing websites using the drainer. The company has also analysed the on-chain data linked to the drainer’s phishing addresses and has discovered that the scammers have stolen nearly $58.98 million from over 63,000 victims over the past nine months.
What are wallet drainers and how are they spreading
A wallet drainer works by tricking users into authorising malicious transactions which steal the assets in their crypto wallets. This usually happens when users click on malicious links in false advertisements that are actually phishing scams.
For example, some of the recent phishing scams that utilise the wallet drainer include a cluster of phishing ads on X called “Ordinals Bubbles” and fake links to popular crypto platforms like DeFiLlama and Lido.
These phishing ads have become even more sophisticated. They use redirect tricks so that the ad appears to point to an official, legitimate domain, while the link actually leads to a phishing website.
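A defender-side check for the redirect trick described above, as an added example that is not from the article or from Scam Sniffer: it compares the domain an ad displays with the domain where the recorded redirect chain actually lands, and flags lookalike names. The allow-list, the similarity threshold, the naive two-label domain rule and all sample URLs are assumptions constructed for illustration.

```python
from difflib import SequenceMatcher
from urllib.parse import urlsplit

# Assumption: allow-list of official domains for the brands the article names.
OFFICIAL = {"defillama.com", "lido.fi"}
LOOKALIKE_THRESHOLD = 0.8  # assumed cut-off for "visually close" names


def registrable(url):
    """Naive registrable domain (last two labels) of a URL's host.
    Assumption: good enough for this sample; use the Public Suffix List in practice."""
    host = (urlsplit(url).hostname or "").rstrip(".")
    return ".".join(host.split(".")[-2:])


def check_ad(display_url, redirect_chain):
    """Compare the domain an ad displays with where the click really lands.

    redirect_chain is the ordered list of URLs recorded while following the
    ad link in a sandbox; the last entry is the landing page."""
    if not redirect_chain:
        raise ValueError("redirect chain is empty")
    shown, landed = registrable(display_url), registrable(redirect_chain[-1])
    findings = []
    if landed != shown:
        findings.append("domain_mismatch")
    if landed not in OFFICIAL:
        label = landed.split(".")[0]
        for official in sorted(OFFICIAL):
            ratio = SequenceMatcher(None, label, official.split(".")[0]).ratio()
            if ratio >= LOOKALIKE_THRESHOLD:
                findings.append(f"lookalike:{official}")
    return findings


# Constructed samples (not real campaigns); .example hosts are placeholders.
SAMPLES = [
    ("https://defillama.com", ["https://click.adnet.example/r?id=1", "https://defillama.com/"]),
    ("https://defillama.com", ["https://click.adnet.example/r?id=2", "https://defillarna.example/claim"]),
    ("https://lido.fi", ["https://click.adnet.example/r?id=3", "https://claim-rewards.example/"]),
]

if __name__ == "__main__":
    for display, chain in SAMPLES:
        print(display, "->", chain[-1], check_ad(display, chain) or "ok")
```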
The blog post notes: “Phishing scammers have used these drainers through various means such as phishing ads, supply chain attacks, Discord phishing, Twitter spam comments and mentions, Airdrop Phishing, SimSwap attacks, DNS attacks, email phishing, etc., to continuously target ordinary users with phishing attacks, causing a significant loss of assets.”
Why scammers like this wallet drainer
Unlike other wallet drainers, this one doesn’t charge a 20% fee on the scammers’ profits. The developers of this malware sell the source code for a flat fee and offer additional value-added modules as extras.
The report says: “By targeting specific audiences through Google search terms and the following base of X, they can select specific targets and launch continuous phishing campaigns at a very low cost.”
