New Crypto Drainer Malware Steals $59m via Google and X Ads
Recent reports from security researchers have uncovered a troubling new trend in cybercrime – a series of “crypto drainer” malware attacks that have already siphoned off $59 million from unsuspecting victims. The attacks operate by tricking users into approving transactions that drain their cryptocurrency wallets, with one particularly notorious version known as MS Drainer being responsible for the recent surge in attacks.
How It Works
Victims are lured to phishing pages hosting the malware through Google and X ads that are strategically linked to keywords related to the DeFi world. These ads, which first appeared in March, use sophisticated techniques to bypass ad audits and target specific regions, ultimately leading users to malicious websites through redirect deception.
According to Scam Sniffer, a leading cybersecurity firm, approximately 10,000 phishing sites have been identified since March, with 60% of X ads leading users to malware designed to steal their virtual currency. MS Drainer, in particular, has successfully stolen $59 million from over 63,000 victims in the past nine months.
The Dark Web Connection
Interestingly, the source code for MS Drainer was found up for sale on a dark web forum. Unlike other similar malware that is typically managed by developers for a fee, MS Drainer’s administrators sell the source code directly to anyone interested in using it for malicious purposes.
Protecting Against Phishing Scams
With the rise of phishing scams targeting users through online advertising, it is more important than ever for internet users to exercise caution when interacting with ads. Scam Sniffer has called on the advertising industry to enhance their verification processes to prevent malicious actors from exploiting their platforms for criminal activities.
As cyber threats continue to evolve, it is crucial for both users and online platforms to stay vigilant and take proactive measures to safeguard against potential attacks. By staying informed and adopting best practices for online security, individuals can better protect themselves from falling victim to scams like the crypto drainer malware.