"Crypto Drainer Steals $59m Via Google and X Ads"
Security researchers at Scam Sniffer have discovered a new series of "crypto drainer" malware attacks that have stolen $59m from victims so far after luring them to phishing pages via Google and X ads. The researchers defined a crypto drainer as a type of malware that tricks the user into approving a transaction, which then automatically drains their cryptocurrency wallets. The researchers revealed that one particular version, MS Drainer, was behind the new spate of attacks. The researchers noted that victims are lured to phishing pages featuring the malware by clicking on Google and X's ads linked to keywords from the DeFi world, such as Zapper, Lido, Stargate, Defillama, Orbiter Finance, and Radiant. The researchers first detected the malicious ads in March and discovered that they use several techniques to bypass ad audits, such as targeting only specific regions and using "redirect deception" to take users to phishing sites. The researchers claim that they observed around 10,000 phishing sites since March using drainers and claimed 60% of phishing ads on X take users to malware designed to steal their virtual currency. MS Drainer, in particular, has stolen $59m from 63,210 victims over the past nine months.
Infosecurity reports: "Crypto Drainer Steals $59m Via Google and X Ads"