Google Ads Used for Stealing Credentials and Draining Accounts

Crypto-criminals are investing in Google Ads to target victims with bogus wallets that steal credentials and deplete balances. So far, it appears that the cyber-crooks have stolen more than $500,000 and counting.

What Happened?

According to a recent Check Point Research investigation, the adverts link to what are purportedly downloads of the prominent crypto-wallets Phantom and MetaMask.

According to the research, attackers began by using Google Ads to look for possible victims. Clicking on the malicious Google Ad redirects the user to a malicious site that has been doctored to look like the Phantom (or occasionally MetaMask) wallet site, the Check Point researchers said.

Over the past weekend, Check Point Research encountered hundreds of incidents in which crypto-investors lost their money while trying to download and install well-known crypto-wallets or change their currencies on crypto-swap platforms like PancakeSwap or Uniswap.


The target is then asked to register a new account with a “Secret Recovery Phrase.” They are also asked to create a password for the supposed account (which is harvested by the attackers). Following that, visitors are given a keyboard shortcut to open the wallet and are then led to the authentic Phantom site, according to Check Point.


