Cryptocurrency enthusiast loses expensive NFT and ethers to Google ad platform
The Google Ads platform is being actively used by scammers to distribute malware to their victims. One of them was recently a user under the pseudonym NFT God, a popular collector of unique tokens. He claimed on his Twitter account that he lost “most of his fortune” by following a link posted by the scammers. We tell you more about the scammers’ actions.
It should be noted that cryptocurrency scam ads are a very popular destination for scammers. Most often they use YouTube or Twitter for this purpose. And in the case of the latter, the platform’s head, Elon Musk, has already reported on allegedly solving bot problems. However, practice shows that no meaningful results have been achieved – bots are still writing under almost every post of any cryptocurrency celebrity.
An example of promoting a fraudulent pamp-dump group (below)
The same applies to YouTube. There, scammers are still using fake streaming schemes where users are supposedly given cryptocurrency in a “send X and get 2X in return” scheme. Naturally, this only ends up being the first step here.
How does one lose money in cryptocurrencies?
It all started when NFT God wanted to download OBS, the broadcasting software. However, instead of the official OBS website, he mistakenly clicked on an advertising link posted on Google Ads. Which means the scammers created a malware site in advance and advertised it through Google’s service. Here’s a quote from a victim of the hack.
I followed the link and downloaded the software, then proceeded to install it. Nothing happened when I clicked on the file with the .exe extension. Maybe streaming isn’t my thing.
Note that a .exe is an executable file that starts activity once it's launched. Consequently, cryptocurrency owners should be as careful as possible before opening something like this. This is especially true for users of so-called hot wallets like MetaMask, which store an encrypted version of a cid phrase, i.e. a unique combination of words to control their own cryptocurrency wallet.
The malware can substitute addresses when sending crypto-assets, allowing coins to escape to a fraudulent developer. At the same time, the user will see supposedly correct data when making the transaction. In a worst case scenario, it could end up with the theft of the sido phrase, allowing all of the victim's coins to go to the scammer.
There are reports of fake malware links to Google Ads on the OBS forum too
NFT God noticed something wrong when two of his Twitter accounts suddenly started spreading spam with phishing links. A little later it turned out that both his work and personal accounts on Twitter, Substack, Gmail and Discord had been hacked.
Cryptocurrency scammers
In addition, the attackers also gained access to the user’s cryptocurrency wallets. The hackers even launched a phishing mailing to thousands of NFT God subscribers on Substack. Here’s his quote.
My Substack means more to me than anything else in my life except people. This is where I create my deeply personal work. It’s where I create my community. It’s the personal achievement I’m most proud of in my life. Now it’s in danger of being destroyed. Hackers have sent two emails to my 16,000 closest fans with hacked links. The trust I worked over a year to build is gone. The loss of part of my fortune is nothing compared to the loss of my community’s trust.
According to CryptoPotato sources, the crypto-enthusiast lost about 19 ETH and several NFTs, including a token from the Mutant Ape Yacht Club (MAYC) series. Most of the stolen funds were moved to different wallets, then the fraudsters exchanged the coins for other digital assets via the decentralised FixedFloat exchange.
Note that in this case, a hardware wallet could have saved against the loss of crypto-assets. In Ledger's case, such devices store the Sid phrase on a special chip that is not connected to the Internet. Accordingly, even computer hacking would not result in the theft of digital assets, as the private keys are stored inside the hardware. This, in fact, explains the need to use them for every transaction.
In addition, such devices have a screen that is also not connected to the Internet. Which means that even if a MetaMask would show fake data in a malicious transaction, Ledger would expose the hack and let the problems be noticed. Apparently, the holder of the NFT and 19 ETH stored it all on hot wallets connected to the network.
Stolen NFT token from Mutant Ape Yacht Club series
NFT God believes his critical mistake of entering the cid phrase “so as not to store everything on a cold wallet anymore” has resulted in a de facto failure to protect funds. Not buying a cold wallet was a “fatal mistake”, he says, but even that alone does not provide complete security. Being cautious and careful when doing anything online is just as important.
We believe that cases like this are a clear demonstration of why digital assets in large quantities should be stored in hardware wallets or so-called cold storage. Sooner or later, a program with an Internet connection can be hacked, which can lead to irreparable losses. And it's obviously better to take action in advance to prevent such a scenario.
Related posts
