Hackers use ‘Poison’ Google Ads to steal $50 million in cryptocurrencies
Hackers reportedly used Google Ads as their way in. This very basic phishing technique has caused about $50 million in total losses over the past three years.
Cryptocurrency is typically stored at an exchange, in a mining pool, or in a user’s personal wallet, making personal computers and exchanges the main targets for hackers. Unfortunately, many have suffered such attacks in recent years. The largest are well known in the cryptocurrency world: Mt. Gox and Coincheck suffered the largest hacks in cryptocurrency history, with nearly $1 billion stolen across the two cases, which puts them at the top of the list.
Mt. Gox was a major cryptocurrency exchange until 2014, when it suffered the largest cryptocurrency hack ever. The losses are estimated at about 450 million US dollars, and the exchange declared bankruptcy as a result. The shock wave swept the cryptocurrency community, causing Bitcoin prices to plummet.
A more recent, larger attack occurred at the end of January 2018. Coincheck was hacked for more than 500 million U.S. dollars, but so far it has remained active because it is solvent. Thanks to the booming market of 2017, with its large number of investors, trading volume and wealth, Coincheck still has enough reserves to cover its losses. However, while Coincheck did not declare bankruptcy and instead ushered in an era of regulation, the prices of BTC and XEM (hacked currencies) remained volatile after the hacking incident.
Hacking incidents seem to be getting more frequent and larger, and hackers seem to be getting bolder. Meanwhile, many smaller cryptocurrency “robberies” have not really been discussed yet.
According to a Talos cybersecurity report, this hacking campaign was carried out through Google Ads. Although hundreds of millions of dollars were not stolen, fifty million dollars is still no trivial matter, especially for those who lost cryptocurrency in it. The blockchain should be transparent, but even though transaction amounts are publicly displayed, the wallets that receive and send money remain difficult to tie to a user. For years, hackers kept looting millions in cryptocurrency because they were able to remain anonymous. Cryptocurrencies were created to provide anonymity to users, but blockchains like BTC are completely transparent. This transparency is beneficial in most cases, unless you are dealing with hackers using the Bitcoin blockchain. Even if it is known which wallet the funds were sent to, the true identity of the hackers is not exposed.
Cisco recently shifted its focus to blockchain technology. As a result, it has been able to understand the security threats and, further, reveal who is behind a large number of daring hacking incidents. The most recent campaign was carried out by a group calling itself Coinhoarder, based in Ukraine. The technique these hackers use is very basic, but it can attract thousands of people’s attention and money. It consists of publishing ads on Google tied to key search terms that are directly related to cryptocurrencies. Terms such as “blockchain,” “cryptocurrency wallet,” and “bitcoin wallet” are search terms that return the malicious ads.
The ads for these search terms mimic legitimate domain names used for cryptocurrency wallets, such as blockchain.info. Users fail to notice the subtle differences in the domain name and in the look of the site, which lets hackers keep unsuspecting users on their malicious websites for an extended period of time. The landing page for “blokchien.info/wallet” looks almost identical to the familiar blockchain.info. If you do not notice the “ie” or the missing “c” in the URL, you may easily get hooked into the scam. The worst (or the cleverest) part is that the hackers paid enough to put their malicious links in a better position than the genuine site they were mimicking.
Once users land on the malicious website, they behave just as they would on a first or a routine visit to the genuine site. As a result, they enter personal information that gives the hackers access to their wallet on the genuine website. Having gained access, the hackers transfer the funds to themselves and the hack is complete. The whole strategy is to mimic the genuine website as closely as possible and pay a premium for Google ads. Even more shocking, this phishing scam has been running for three years, according to a partnership between Cisco and the Ukrainian cyberpolice.
It is now widely accepted that the Coinhoarder group is responsible for many hacking incidents since 2015, and that the value and volume of such incidents soared at the end of 2017 as Bitcoin prices soared. Across the three months of September, November, and December, more than $10 million was stolen. Even with a network of police forces and a major security company chasing them, the hackers remain bold. While websites such as Facebook have banned ads related to cryptocurrencies, phishing scams that imitate legitimate sites are still gaining in popularity.
Coinhoarder specializes in phishing scams, but phishing is just one of many techniques for stealing cryptocurrencies. According to the report, the infamous Korean hacking organization Lazarus Group also carries out phishing fraud using website mirroring. More and more hackers use very basic website mirroring to get users to hand over the information needed to access their wallets, and then steal their valuable cryptocurrency. The most recent IP addresses of individuals attacked by hackers are mainly in Africa, Nigeria, and Ghana. This is not surprising given that the underdeveloped regions of the world are the heaviest users of cryptocurrencies, while the people there may not have received enough education about fraud prevention. However, a fully mirrored website can easily confuse anyone unless users actively check the URLs they visit.
The bitcoin address to which the stolen funds were transferred can be known, but we still have no idea what to do with it. The problem remains that a BTC address is anonymous, nothing but a number, and it is almost impossible to know who holds a suspicious wallet. We can monitor and track the funds indefinitely until they are spent or transferred to an exchange. However, no one can guarantee that the wallet’s holder will be found.
The benefits of the blockchain are occasionally its drawbacks. If the blockchain were completely transparent and required identification, we could find the hackers, but decentralization and anonymity would cease to exist. Almost everything in life has a trade-off, and holding Bitcoin wallets without identification lets individuals hold money under a wallet number on a secure blockchain. In that case, the way hackers spend the money will be difficult to trace and expose.