Warning: Undefined variable $comments_html in /home/u319666691/domains/cybersecurityboard.com/public_html/_template.php on line 527

Hackers Stolen Over $58 Million Crypto Via Malicious Google Ads

Threat actors targeting crypto wallets for illicit transactions have been in practice for quite some time.
Threat actors have been using Wallet Drainers for such cybercrime activities, which have seen great success in recent years.
Several techniques were used for draining, which include phishing ads, supply chain attacks, Airdrop phishing, DNS attacks, and many others.
These attacks result in much loss for victims due to crypto wallet stealing.
One wallet drainer has been used predominantly in over 60% of the phishing ads used by threat actors.
According to the reports shared with Cyber Security News, 10,072 phishing sites account for $58.98 million in crypto wallets draining from 63,210 victims.
This particular wallet drainer was first detected in March and again at the end of April.
As for Google Ad phishing, many campaigns were spotted that were related to Zapper, Lido, Stargate, Defillama, Orbiter Finance, and Radiant.
To bypass the ad audits of these campaigns, threat actors have been using many methods, such as targeting specific regions, which will display the phishing page only to people from a specific region.
The page that can be seen when opening the link directly will be different from the one that is opened from the ad link.
Redirect deception was also used in which the ad appears to be from the official domain, but the final redirected site is the phishing site.
The biggest victim of these phishing campaigns was a wallet address 0x13e382dfe53207e9ce2eeeab330f69da2794179e, which lost $24 million in September.
The drainer, used in 60% of the phishing campaigns, was sold in a forum and is fully managed with a charge fee of 20%. The sellers of this drainer share the source code and additional value-added modules to the drainer.
Several features, such as adding a malicious signature for blur for phishing, will cost more and must be purchased from them.
The developer of this drainer has been changed from pakulichev to Phishlab.
A complete report about these phishing campaigns and wallet drainers has been published, providing detailed information about the threat actors, the wallet drainers, and others.
It is recommended that users be extra cautious when viewing ads and be vigilant before entering their wallet details on a website.

This Cyber News was published on gbhackers.com. Publication date: Wed, 27 Dec 2023 15:43:04 +0000

Cyber News related to Hackers Stolen Over $58 Million Crypto Via Malicious Google Ads

Feds Seize 'Sinbad' Crypto Mixer Used by North Korea's Lazarus - In its continued efforts to crack down on North Korea's most formidable state-sponsored threat group, the US government has seized a virtual currency mixer that has been serving as the principal way the group launders money stolen from its ...
1 year ago Darkreading.com Lazarus Group

Crypto drainer steals $59 million from 63k people in Twitter ad push - Google and Twitter ads are promoting sites containing a cryptocurrency drainer named 'MS Drainer' that has already stolen $59 million from 63,210 victims over the past nine months. According to blockchain threat analysts at ScamSniffer, they ...
1 year ago Bleepingcomputer.com

Netgear, Hyundai latest X accounts hacked to push crypto drainers - The official Netgear and Hyundai MEA Twitter/X accounts are the latest hijacked to push scams designed to infect potential victims with cryptocurrency wallet drainer malware. While Hyundai has already regained access to their account and has cleaned ...
1 year ago Bleepingcomputer.com

X users fed up with constant stream of malicious crypto ads - Cybercriminals are abusing X advertisements to promote websites that lead to crypto drainers, fake airdrops, and other scams. Like all advertising platforms, X, formerly known as Twitter, claims to show advertisements based on a user's activity, ...
1 year ago Bleepingcomputer.com

LastPass breach linked to theft of $4.4 million in crypto - Hackers have stolen $4.4 million in cryptocurrency on October 25th using private keys and passphrases stored in stolen LastPass databases, according to research by crypto fraud researchers who have been researching similar incidents. The news comes ...
1 year ago Bleepingcomputer.com

North Korea's state hackers stole $3 billion in crypto since 2017 - North Korean-backed state hackers have stolen an estimated $3 billion in a long string of hacks targeting the cryptocurrency industry over the last six years since January 2017. Kimsuky, Lazarus Group, Andariel, and other North Korean hacking groups ...
1 year ago Bleepingcomputer.com Andariel Kimsuky Lazarus Group

US removes sanctions against Tornado Cash crypto mixer - The U.S. Department of Treasury announced today that it has removed sanctions against Tornado Cash, a cryptocurrency mixer used by North Korean Lazarus hackers to launder hundreds of millions stolen in multiple crypto heists. In August 2023, the ...
6 months ago Bleepingcomputer.com

Fake Semrush ads used to steal SEO professionals’ Google accounts - Because Semrush integrates with Google Analytics and Google Search Console, customers often link valuable Google accounts containing sensitive business data—like revenue metrics, marketing strategies, and customer behavior, all attractive ...
6 months ago Bleepingcomputer.com

North Korean Hackers Stole $600m in Crypto in 2023 - North Korean hackers stole at least $600m in cryptocurrency in 2023, around a third of the total value of such heists, according to blockchain intelligence firm TRM. Despite the eye-watering sum, this figure represents a 30% reduction on ...
1 year ago Infosecurity-magazine.com

Pakistani Firm Shipped Fentanyl Analogs, Scams to US – Krebs on Security - California resident Walter Horsting discovered something similar when he sued 360 Digital Marketing in small claims court last year, after hiring a company called Vox Ghostwriting to help write, edit and promote a spy novel he’d been working ...
4 months ago Krebsonsecurity.com

Chainalysis: $2.17 billion in crypto stolen in first half of 2025, driven by North Korean hacks | The Record from Recorded Future News - The $2.17 billion stolen so far this year already surpasses the losses seen in all of 2024, and is the highest number seen in the first six months of a year since the company began tracking the figures in 2022. Chainalysis researchers noted several ...
2 months ago Therecord.media

Lazarus Group hackers appear to return to Tornado Cash for money laundering - North Korea's Lazarus hacking group allegedly has turned back to an old service in order to launder $23 million stolen during an attack in November. Investigators at blockchain research company Elliptic said on Friday that in the last day they had ...
1 year ago Therecord.media Lazarus Group

Ex-Amazon engineer pleads guilty to hacking crypto exchanges - Former Amazon security engineer Shakeeb Ahmed pleaded guilty this week to hacking and stealing over $12.3 million from two cryptocurrency exchanges in July 2022. The two affected companies are Nirvana Finance, a decentralized crypto exchange, and an ...
1 year ago Bleepingcomputer.com

HackerOne paid ethical hackers over $300 million in bug bounties - HackerOne has announced that its bug bounty programs have awarded over $300 million in rewards to ethical hackers and vulnerability researchers since the platform's inception. Thirty hackers have earned over a million USD for their submissions, and ...
1 year ago Bleepingcomputer.com Inception Hunters

NY engineer pleads guilty to stealing millions from two crypto exchanges - A former security engineer for an international tech company pleaded guilty in federal court to hacking two decentralized cryptocurrency exchanges. As a result of these hacks in July 2022, U.S. citizen Shakeeb Ahmed, 34, illegally obtained over $12 ...
1 year ago Therecord.media

Google Ads Invite Being Abused to Push Spam & Adult Sites - Google Ads has become another way for malicious actors to spread spam and adult sites. Recent reports have highlighted that fraudsters are abusing Google Ads invites to push their malicious content. Google Ads is Google's advertising platform, and ...
2 years ago Bleepingcomputer.com

Mandiant's X account hacked by crypto Drainer-as-a-Service gang - The threat actor who took over Mandiant's X social media account used it to share links, redirecting the company's over 123,000 followers to a phishing page to steal cryptocurrency. As Mandiant found during a follow-up investigation into the ...
1 year ago Bleepingcomputer.com

Microsoft again bothers Chrome users with Bing popup ads in Windows - Microsoft is once again harassing Google Chrome users on Windows 10 and Windows 11 with popup desktop advertisements promoting Bing and its GPT-4 Bing Chat platform. Due to the quality of the pixelated ads, some who received them were concerned that ...
1 year ago Bleepingcomputer.com

Warning: Undefined array key "host" in /home/u319666691/domains/cybersecurityboard.com/public_html/_template.php on line 364

Warning: Undefined variable $domain_html in /home/u319666691/domains/cybersecurityboard.com/public_html/_template.php on line 466

CVE-2022-50231 - In the Linux kernel, the following vulnerability has been resolved: ...
3 months ago

Web3 security firm CertiK's X account hacked to push crypto drainer - The Twitter/X account of blockchain security firm CertiK was hijacked today to redirect the company's more than 343,000 followers to a malicious website pushing a cryptocurrency wallet drainer. Crypto fraud sleuth ZachXBT later leaked screenshots of ...
1 year ago Bleepingcomputer.com

Indian crypto exchange CoinDCX says $44 million stolen from reserves | The Record from Recorded Future News - Company cofounders Neeraj Khandelwal and Sumit Gupta announced issues on social media Saturday afternoon before confirming that funds had been stolen from one of the company’s internal operational accounts. The attack on CoinDCX comes just months ...
2 months ago Therecord.media

Google Cloud Next 2024: New Data Center Chip Joins Ecosystem - Google Cloud announced a new enterprise subscription for Chrome and a bevy of generative AI add-ons for Google Workspace during the Cloud Next '24 conference, held in Las Vegas from April 9 - 11. Overall, Google Cloud is putting its Gemini generative ...
1 year ago Techrepublic.com

Microsoft: BlueNoroff hackers plan new crypto-theft attacks - Microsoft warns that the BlueNoroff North Korean hacking group is setting up new attack infrastructure for upcoming social engineering campaigns on LinkedIn. This financially motivated threat group also has a documented history of cryptocurrency ...
1 year ago Bleepingcomputer.com

Hackers Stolen Over $58 Million Crypto Via Malicious Google Ads - Threat actors targeting crypto wallets for illicit transactions have been in practice for quite some time. Threat actors have been using Wallet Drainers for such cybercrime activities, which have seen great success in recent years. Several techniques ...
1 year ago Gbhackers.com

US seizes Sinbad crypto mixer used by North Korean Lazarus hackers - The U.S. Department of the Treasury has sanctioned the Sinbad cryptocurrency mixing service for its use as a money-laundering tool by the North Korean Lazarus hacking group. A cryptocurrency mixer is a server that allows people to deposit crypto, ...
1 year ago Bleepingcomputer.com Lazarus Group