It’s safe to say that we, as a society, don’t get to where we are today without being persistent. All the bumps on our road could have easily stopped us, if it wasn’t for our knack of sticking around. Nevertheless, this tendency of ours to be relentless hasn’t always proven to be a good thing. Time and again, we witness a section of people using it as a fuel to achieve malicious objectives, and like any other thing, such pursuits have also grown significantly in the day and age of technology. Make no mistake; technology’s aptitude really put us on a pedestal, but we must not overlook the negatives. The very convenience that technology takes great pride in has allowed hackers and threat actors to attack others in a variety of ways. This has been confirmed quite sensationally over the last year and a half, with U.S. plunging deeper and deeper into its cybersecurity crisis every day. As if devastation didn’t look enough already, the hackers are now exploiting some of the most trusted areas within the digital realm, and their latest target is causing losses worth hundreds and thousands of dollars.
According to a report published by Check Point Research, the hackers’ community has silently devised a new and lethal weapon, which uses cryptocurrency and Google Ads as the core pieces to scam users. The tactic effectively starts by hacker securing a Google Ad slot. Next up, it’s time to develop a duplicate platform of some popular crypto wallet. This phishing website then rides on higher placement to lure in unsuspecting users before they can get to organic results. Once the user has been successfully redirected to the pseudo platform, these hackers play with two major ways to wrap up the attack. Either the hacker can simply steal personal credentials of the user. Or, in a worse case, the user can be told to enter a recovery password, if they want to create a new wallet. As you can guess from here onwards, the password logs you into a wallet that is controlled by the hacker instead. Hence, any funds added to this wallet will now go directly to them.
“What’s most alarming is that multiple scammer groups are bidding for keywords on Google Ads, which is likely a signal of the success of these new phishing campaigns that are geared to heist crypto wallets,” said Oded Vanunu, Check Point Research.
As per the observations so far, these attacks have primarily targeted popular crypto wallets like Phantom and MetaMask.
The ease with which hackers are using their new tactic is also raising serious questions about Google’s integrity, and that has prompted the company to respond.
“This behavior directly violates our policies and we immediately suspended these accounts and removed the ads. This appears to be a malicious actor looking for ways to evade our detection. We are always adjusting our enforcement mechanisms to prevent these abuses,” stated a Google spokesperson.