In addition to the volatile nature of cryptocurrency, scammers have found a new way to steal your wallet credentials.
Scammers copied prominent crypto wallets and platforms, such as Phantom and MetaMask, according to Check Point Research (CPR). When the victim clicked on the advertisement, they were redirected to a website that mimicked the prominent wallet brand’s interface and proceeded to steal their wallet login information.
According to CPR, this resulted in the theft of more than $500,000 in cryptocurrency over the weekend. CPR detected 11 hacked wallets containing amounts ranging from $1,000 to $10,000, but the scammers were able to extract some of the cash before they were discovered.
“In a matter of days, we witnessed the theft of hundreds of thousands of dollars worth of crypto,” said Oded Vanunu, Head of Products Vulnerabilities Research at CPR.
“We estimate that over $500k worth of cyrpto was stolen this past weekend alone. I believe we’re at the advent of a new cyber crime trend, where scammers will use Google Search as a primary attack vector to reach crypto wallets, instead of traditionally phishing through email,” Vanunu added.
Each fraudulent website included “careful messaging and keyword selection,” according to Vanunu, which allowed scammers to trick Google Search and appear at the top of the results. The websites to which the victims were directed were meticulously duplicated, even to the messaging of the brand.
“Unfortunately, I expect this to become a fast-growing trend in cyber crime. I strongly urge the crypto community to double check the URLs they click on and avoid clicking on Google Ads related to crypto wallets at this time,” said Vanunu.