Google Ads delivered malware drains entire NFT influencer’s crypto wallet

by · February 9, 2023

Google Ads delivered malware drains entire NFT influencer’s crypto wallet

An NFT influencer claims to have lost “a life-changing amount” of his net worth in non-fungible tokens (NFTs) and crypto after accidentally downloading malware found via a Google Ad search result.

The pseudo-anonymous influencer known on Twitter as “NFT God” posted a series of tweets on January 14 describing how his “entire digital livelihood” was attacked, including a compromise of his crypto wallet and several online accounts.

NFT God, also known as “Alex,” said he used Google’s search engine to download OBS, an open-source video streaming software. But instead of clicking on the official website, he clicked on the sponsored ad for what he thought was the same thing.

It wasn’t until hours later – after a series of phishing tweets posted by attackers on two Twitter accounts that Alex runs – that he realized malware was being downloaded from the sponsored ad along with the software he wanted.

After a message from an acquaintance, Alex noticed that his crypto wallet was also compromised. The next day, attackers breached his Substack account and sent phishing emails to his 16,000 subscribers.

Blockchain data shows that at least 19 Ether (ETH) worth nearly $27,000 at the time, a Mutant Ape Yacht Club (MAYC) NFT with a current floor price of 16 ETH ($25,000), and several other NFTs were obtained from Alex’s wallet.

The attacker moved most of the ETH through several wallets before sending it to the decentralized exchange (DEX) FixedFloat, where it was exchanged for unknown cryptocurrencies.

Alex believes the “critical error” that allowed the wallet hack was to set up his hardware wallet as a hot wallet by entering the seed phrase “in a way that no longer kept it cold” or offline, allowing the hackers to gain control of his crypto and NFTs.

See also  OliveX Holdings Limited (NSX: OLX) Merges with Leading Web3 and NFT Space Builder Keungz

Related: Navigating the Crypto World: Tips to Avoid Scams

Unfortunately, NFT God’s experience is not the first time the crypto community has dealt with crypto-theft malware in Google Ads.

A Jan. 12 report from cybersecurity firm Cyble warned of an information-stealing malware called “Rhadamanthys Stealer” being spread through Google Ads on a “highly convincing phishing website.”[s].”

In October, Binance CEO Changpeng “CZ” Zhao warned that Google search results were promoting crypto-phishing and scam websites.

Cointelegraph reached out to Google for comment, but did not receive a response. In its support, however, Google said it “actively works with trusted advertisers and partners to prevent malware in ads.”

It also describes the use of “proprietary malware detection technology and tools” for regular scanning of Google Ads.

Cointelegraph was unable to reproduce the results of Alex’s search or verify whether the malicious site was still active.

Related posts:

  1. The future of NFT marketing
  2. How will the Ethereum merger change the NFT scene? – ARTnews.com
  3. The Sports Memorabilia Industry Rises Again in the Digital World; Sports NFTs go from trading cards to digital video: Market Decipher
  4. VVSgotchi Launches on Cronos, Expands dApp Ecosystem with Utility-Led NFT Play

Tags:

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *

Headline Posts