Wallet Drainers: Google and Twitter Ads Found Hidden in a Wave of Wallet Thefts, Single Wallet Loses $20 Million
Cybersecurity Agency
Scam Sniffer
A recent report indicates that wallet drainer tool, Wallet Drainers, has been rampant over the past 9 months, with a single victim losing over 20 million dollars. Fraudulent advertisements are widespread on Google and Twitter.
(
Earning 80 million pounds! Phishing tool Inferno Drainer announces closure: Nothing is eternal.
)
Table of Contents
Toggle
1. Phishing on Google
2. X (Twitter) phishing ads account for over 60%
Bypassing ad review
Displaying “official website,” redirecting after clicking the link
One wallet loses 20 million dollars
Wallet Drainer forms an alternative industry chain
1. Phishing on Google
Scam Sniffer discovered fraudulent advertisements that mimic DeFi protocol websites on Google search pages starting in March of this year, such as Zapper and Lido shown in the following image.
Advertisement – Continue scrolling for the rest of the content
Fraudulent advertisements appear on Google search
2. X (Twitter) phishing ads account for over 60%
After analysis, it was found that some phishing ads on Twitter are the same as those on Google ads, both using One Wallet Drainer.
Scam Sniffer also pointed out that out of the 9 ads that appeared on the timeline, 6 of them were Wallet Drainers, accounting for over 60%.
These phishing link ads employ some clever techniques to bypass the platform’s ad review, even experienced users in cryptocurrencies may fall victim.
Bypassing ad review
Scam Sniffer pointed out that fraudulent ads only target specific regions with embedded phishing links, while users from other regions may see a normal website when opening the link. This makes ad review on the platform even more difficult.
Displaying “official website,” redirecting after clicking the link
Phishing ads make the links in the ads appear to be from official domains, but the final destination after clicking is a phishing website.
For example, users may think they clicked on an advertisement from the official StarkNet website, but they are actually redirected to a phishing website.
One wallet loses 20 million dollars
Scam Sniffer monitored 10,072 phishing websites related to the Wallet Drainer over the past 9 months, and May, June, and November of this year were the peak periods for scams.
In total, the Wallet Drainer stole approximately 58.98 million dollars from 63,210 victims in the past 9 months.
The list of major victims is as follows:
Victim’s Wallet
Public Chain
Amount Stolen (USD)
0x13e382dfe53207e9ce2eeeeab330f69da2794179e
Ethereum
24,055,508
0x5197da90fb01040a1896a92616ecdfb5765b1134
Ethereum
1,192,307
0x856cb5c3cbbe9e2e21293a644aa1f9363cee11e8
Arbitrum
644,720
0x704f59ccb0b9399b600b462f974aa5cff76ca3ed
Ethereum
549,056
0xb32659fe74a4ceabadeee1b58ef334d499b8ba26
Ethereum
444,966
Wallet Drainer forms an alternative industry chain
Based on the sales information found by Scam Sniffer, compared to other Wallet Drainers that charge a 20% management fee, the Drainer in this article directly sells program code and modules. It can be seen that the developers believe it is more profitable to sell fraudulent tools than to engage in phishing themselves.
Google search
Scam Sniffer
Advertisement
Twitter
Fraud
Phishing link
Further reading
Musk talks about “extortion” by advertisers at the DealBook Summit, combating restrictions on freedom of speech
X (Twitter) valuation remains at 19 billion dollars, will it become a dating website and digital bank next year?