Report: Phishing scams on Google and X ads generate $59 million as crypto scammers employ ‘wallet drainer’ tactic.
Over the past year, there has been a concerning increase in cybercriminals using deceptive advertisements on popular platforms like Google and X to steal millions of dollars worth of cryptocurrency. ScamSniffer, a cybersecurity firm, has found that these scammers use malicious tools called ‘wallet drainers’ to carry out their phishing scams.
In a recent blog post, ScamSniffer reports that this wallet drainer was first spotted in Google search ad phishing and later turned up among the X phishing ads shared by ZachXBT. A recent study of ads in X’s feeds showed that nearly 60 percent of phishing ads used this particular drainer.
Between March and December, ScamSniffer monitored 10,072 phishing sites and, by analyzing on-chain data associated with the phishing addresses, linked them to the theft of nearly $58.98 million from more than 63,000 victims over the previous nine months.
Understanding wallet drainers and how they spread
Wallet drainers trick users into approving malicious transactions that drain funds from their cryptocurrency wallets. This usually happens when users interact with links embedded in deceptive ads that are actually phishing scams.
Recent examples of these wallet-draining phishing scams include a set of misleading X ads called “Ordinals Bubbles” and fake links to popular crypto platforms like DeFiLlama and Lido. These phishing ads are sophisticated: they use redirect tricks that impersonate official, legitimate domains and ultimately lead users to phishing sites.
The blog post highlights the versatility of these wallet drainers, stating, “Phishing scammers have used these tactics through various channels, including phishing ads, supply chain attacks, Discord phishing, Twitter spam comments and mentions, Airdrop phishing, SimSwap attacks, DNS attacks, email phishing, etc., which constantly target ordinary users with phishing attacks and lead to significant property losses.”