Analysts found that scammers actively used Google Ads to defraud crypto users by bypassing ad verification and content quality control mechanisms. Such tactics allowed attackers to swipe nearly $59 million in crypto over the past nine months.
According to the Scam Sniffer report, Google’s ad services turned into a tool of scammers who actively used Google Ads to promote fake versions of popular crypto websites for the past nine months. Users lost about $58.98 million in cryptocurrency as a result of these scams.
A large-scale study launched in March by cybersecurity company SlowMist and picked up by Scam Sniffer analysts found that attackers actively circumvent Google Ads’ ad verification and content quality control mechanisms. Specifically, to make Google Ads auditing more difficult, scammers used:
- regional targeting tactics;
- page-switching;
- web redirects.
Hackers used MS Drainer, a phishing script that allows digital assets to be transferred without confirmation from the owner, to steal cryptocurrencies via fake websites. The malware developers sell it through various forums for a fixed price of $1,499.99, with various additional modules to the script costing between $500 and $1,000. Unlike other similar hacking programs, the developers of MS Drainer don’t charge a percentage of the funds received through the script, which makes them completely anonymous.
Scam Sniffer analysts managed to track down 10,072 phishing sites that were promoted via Google Ads and contained MS Drainer in the last nine months. Among them were clones of major crypto projects such as Lido, DefiLlama, Radient, Zapper, Orbiter Finance, and Stargate. Overall, fraudsters managed to deceive 63,210 crypto users during this period.
In November, cybersecurity experts found that scammers were actively using fake social media apps like Skype or Telegram to conduct phishing.
