CyberSecurityBoard
Sponsor Register Login

Crypto Drainer Steals $59m Via Google and X Ads

A crypto drainer is a type of malware that tricks the user into approving a transaction which then automatically drains their cryptocurrency wallets.
Scam Sniffer revealed that one particular version, MS Drainer, was behind the new spate of attacks.
Victims are lured to phishing pages featuring the malware by clicking on Google and X ads linked to keywords from the DeFi world such as Zapper, Lido, Stargate, Defillama, Orbiter Finance and Radiant, the firm said.
Scam Sniffer said it has observed around 10,000 phishing sites since March using drainers and claimed 60% of phishing ads on X take users to malware designed to steal their virtual currency.
MS Drainer in particular has stolen $59m from 63,210 victims over the past nine months, it said.
Scam Sniffer found the drainer for sale on a dark web forum.
Unlike other similar malware that is fully managed, with developers charging a 20% fee, MS Drainer's administrators sell the source code direct to all-comers.
The security vendor urged internet users to remain cautious when interacting with online advertising and demanded the ad industry up its game.


This Cyber News was published on www.infosecurity-magazine.com. Publication date: Fri, 22 Dec 2023 09:30:16 +0000


Cyber News related to Crypto Drainer Steals $59m Via Google and X Ads

Crypto drainer steals $59 million from 63k people in Twitter ad push - Google and Twitter ads are promoting sites containing a cryptocurrency drainer named 'MS Drainer' that has already stolen $59 million from 63,210 victims over the past nine months. According to blockchain threat analysts at ScamSniffer, they ...
1 year ago Bleepingcomputer.com
Hundreds of Thousands of Dollars Worth of Solana Cryptocurrency Assets Stolen in Recent CLINKSINK Drainer Campaigns - On January 3, 2024, Mandiant's X social media account was taken over and subsequently used to distribute links to a cryptocurrency drainer phishing page. The following blog post provides additional insight into the drainer leveraged in this campaign, ...
11 months ago Mandiant.com
Mandiant's X account hacked by crypto Drainer-as-a-Service gang - The threat actor who took over Mandiant's X social media account used it to share links, redirecting the company's over 123,000 followers to a phishing page to steal cryptocurrency. As Mandiant found during a follow-up investigation into the ...
11 months ago Bleepingcomputer.com
Netgear, Hyundai latest X accounts hacked to push crypto drainers - The official Netgear and Hyundai MEA Twitter/X accounts are the latest hijacked to push scams designed to infect potential victims with cryptocurrency wallet drainer malware. While Hyundai has already regained access to their account and has cleaned ...
11 months ago Bleepingcomputer.com
Crypto Drainer Steals $59m Via Google and X Ads - A crypto drainer is a type of malware that tricks the user into approving a transaction which then automatically drains their cryptocurrency wallets. Scam Sniffer revealed that one particular version, MS Drainer, was behind the new spate of attacks. ...
1 year ago Infosecurity-magazine.com
X users fed up with constant stream of malicious crypto ads - Cybercriminals are abusing X advertisements to promote websites that lead to crypto drainers, fake airdrops, and other scams. Like all advertising platforms, X, formerly known as Twitter, claims to show advertisements based on a user's activity, ...
11 months ago Bleepingcomputer.com
$80M in Crypto Disappears Into Drainer-as-a-Service Malware Hell - According to Group-IB, the attackers hosted the phishing pages using more than 16,000 unique domains over the course of the campaign, which ran between November 2022 and November 2023, after which it was disrupted. While Inferno Drainer may have ...
11 months ago Darkreading.com
How a 'crypto drainer' tricked people into handing over $80 million in assets worldwide - Researchers have detailed how a scam campaign spoofed over a hundred cryptocurrency brands in the past year, stealing at least $80 million in assets from its victims' digital wallets. The researchers warn that the software and those users still pose ...
11 months ago Therecord.media
Hackers Stolen Over $58 Million Crypto Via Malicious Google Ads - Threat actors targeting crypto wallets for illicit transactions have been in practice for quite some time. Threat actors have been using Wallet Drainers for such cybercrime activities, which have seen great success in recent years. Several techniques ...
1 year ago Gbhackers.com
Multichain Inferno Drainer Abuse Web3 Protocols - A cryptocurrency-related phishing scam that uses malware called a drainer is one of the most widely used tactics these days. From November 2022 to November 2023, 'Inferno Drainer', a well-known multichain cryptocurrency drainer, was operational under ...
11 months ago Gbhackers.com
"Pink Drainer" Siphons $4.4 Million Chainlink Through Phishing - Pink Drainer, the infamous crypto-hacking outfit, has been accused in a highly sophisticated phishing scheme that resulted in the theft of $4.4 million in Chainlink tokens. This recent cyber crime targeted a single victim who was duped into signing a ...
11 months ago Cysecurity.news
Web3 security firm CertiK's X account hacked to push crypto drainer - The Twitter/X account of blockchain security firm CertiK was hijacked today to redirect the company's more than 343,000 followers to a malicious website pushing a cryptocurrency wallet drainer. Crypto fraud sleuth ZachXBT later leaked screenshots of ...
11 months ago Bleepingcomputer.com
Security Firm Certik's Account Hijacked to Spread Crypto Drainer - A Web3 security vendor was tricked by a social media phishing attack which hijacked its account and enabled scammers to share a link to a malicious website, it has emerged. That link was up for just 15 minutes, but it's unclear whether any of the ...
11 months ago Infosecurity-magazine.com
Ledger dApp supply chain attack steals $600K from crypto wallets - Ledger is warnings users not to use web3 dApps after a supply chain attack on the 'Ledger dApp Connect Kit' library was found pushing a JavaScript wallet drainer that stole $600,000 in crypto and NFTs. Ledger is a hardware wallet that lets users buy, ...
1 year ago Bleepingcomputer.com
Feds Seize 'Sinbad' Crypto Mixer Used by North Korea's Lazarus - In its continued efforts to crack down on North Korea's most formidable state-sponsored threat group, the US government has seized a virtual currency mixer that has been serving as the principal way the group launders money stolen from its ...
1 year ago Darkreading.com
Nest Wallet CEO Loses $125,000 in Wallet Draining Scam - The co-founder and CEO of a startup cryptocurrency wallet said he lost $125,000 in crypto in a scam, becoming among the latest victims of the growing threat of wallet drainer malware that one cybersecurity firm stole almost $300 million from more ...
11 months ago Securityboulevard.com
Mandiant's X Account Was Hacked in Brute-Force Password Attack - Cyber threat intelligence giant Mandiant has shared the result of its investigation on its recent X account hijacking following a wave of crypto-related X account hacks. On January 3, 2024, the X account of Mandiant, a subsidiary of Google Cloud, was ...
11 months ago Infosecurity-magazine.com
Google Cloud Next 2024: New Data Center Chip Joins Ecosystem - Google Cloud announced a new enterprise subscription for Chrome and a bevy of generative AI add-ons for Google Workspace during the Cloud Next '24 conference, held in Las Vegas from April 9 - 11. Overall, Google Cloud is putting its Gemini generative ...
8 months ago Techrepublic.com
Microsoft again bothers Chrome users with Bing popup ads in Windows - Microsoft is once again harassing Google Chrome users on Windows 10 and Windows 11 with popup desktop advertisements promoting Bing and its GPT-4 Bing Chat platform. Due to the quality of the pixelated ads, some who received them were concerned that ...
9 months ago Bleepingcomputer.com
The Week in Ransomware - January 20th, 2023 Crypto Exchanges Under Attack - The week of January 20th, 2023 brought yet another wave of ransomware attacks targeting crypto exchanges. Crypto exchanges all around the world have been hit by a barrage of sophisticated and well-planned ransomware campaigns. From high-profile ...
1 year ago Bleepingcomputer.com
Navigating the Perilous Waters of Crypto Phishing Attacks - Key Highlights: Check Point Research Unveils Rise in Sophisticated Crypto Phishing: An investigation reveals an alarming increase in advanced phishing schemes targeting a variety of blockchain networks, employing wallet-draining techniques. ...
1 year ago Blog.checkpoint.com
Ahead of Regulatory Wave: Google's Pivotal Announcement for EU Users - Users in the European Union will be able to prevent Google services from sharing their data across different services if they do not wish to share their data. Google and five other large technology companies must comply with the EU's Digital Markets ...
11 months ago Cysecurity.news
Google Ads Invite Being Abused to Push Spam & Adult Sites - Google Ads has become another way for malicious actors to spread spam and adult sites. Recent reports have highlighted that fraudsters are abusing Google Ads invites to push their malicious content. Google Ads is Google's advertising platform, and ...
1 year ago Bleepingcomputer.com
Crypto wallet founder loses $125,000 to fake airdrop website - A crypto wallet service co-founder shares with the world his agony after losing $125,000 to a crypto scam. The startup CEO, who at the time believed he was on a legitimate cryptocurrency airdrop website, realized after his loss that the domain he'd ...
11 months ago Bleepingcomputer.com
Fake KeePass site uses Google Ads and Punycode to push malware - A Google Ads campaign was found pushing a fake KeePass download site that used Punycode to appear as the official domain of the KeePass password manager to distribute malware. Google has been battling with ongoing malvertising campaigns that allow ...
1 year ago Bleepingcomputer.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)