Cybersecurity Organization Scam Sniffer has released a new report indicating that wallet stealing tool Wallet Drainers has been rampant in the past nine months, with a single victim losing over $20 million. Scam advertisements are prevalent on Google and Twitter.
Table of Contents
Toggle
I. Phishing on Google
II. X (Twitter) Phishing Advertisements Account for Over 60%
Bypassing Ad Audits
Displaying “Official Website” and Redirecting Upon Clicking
One Wallet, $20 Million Lost
Wallet Drainer Creates an Alternative Industry Chain
I. Phishing on Google
Scam Sniffer discovered in March of this year that scam advertisements mimicking DeFi protocol websites have appeared on Google search pages, such as Zapper and Lido shown in the images below.
(Image)
(Image)
(Image)
(Image)
(Image)
(Image)
Scam advertisements on Google search
II. X (Twitter) Phishing Advertisements Account for Over 60%
After analysis, it was found that some phishing advertisements on Twitter are the same as those on Google, both using One Wallet Drainer. Scam Sniffer also pointed out that out of the nine ads appearing on the feed, six were Wallet Drainers, accounting for over 60%.
(Image)
(Image)
These phishing link advertisements employ cunning tactics to bypass platform ad audits, potentially deceiving even experienced cryptocurrency users.
Bypassing Ad Audits
Scam Sniffer pointed out that scam advertisements only target specific regions with phishing links embedded. When users from other regions open the links, they may see a normal website, making ad audits more difficult for platforms.
Displaying “Official Website” and Redirecting Upon Clicking
Phishing advertisements make the links in the ads appear to be from official domains, but the final destination after clicking is a phishing website. For example, users may think they clicked on an advertisement for the official StarkNet website, but they are actually redirected to a phishing website.
(Image)
(Image)
One Wallet, $20 Million Lost
Scam Sniffer monitored 10,072 phishing websites related to the Wallet Drainer in the past nine months. May, June, and November of this year were the peak periods for scams. In total, the Wallet Drainer stole approximately $58.98 million from 63,210 victims.
The main victims are listed as follows:
Victim Wallet
Blockchain
Amount Stolen (USD)
0x13e382dfe53207e9ce2eeeeab330f69da2794179e
Ethereum
$24,055,508
0x5197da90fb01040a1896a92616ecdfb5765b1134
Ethereum
$1,192,307
0x856cb5c3cbbe9e2e21293a644aa1f9363cee11e8
Arbitrum
$644,720
0x704f59ccb0b9399b600b462f974aa5cff76ca3ed
Ethereum
$549,056
0xb32659fe74a4ceabadeee1b58ef334d499b8ba26
Ethereum
$444,966
Wallet Drainer Creates an Alternative Industry Chain
Based on sales information found by Scam Sniffer, this Drainer directly sells program codes and modules, unlike other Wallet Drainers that charge a 20% management fee. This indicates that the developers believe it is more profitable to sell fraud tools rather than engage in phishing themselves.
Google search
Scam Sniffer
Advertisement
Twitter
Scam
Phishing link
(Images)
(Images)
Further Reading
Musk Talks About “Extortion” by Advertisers at the DealBook Summit, Fighting Against Restrictions on Freedom of Speech
X (Twitter) Valued at $19 billion, Could Become a Dating Site and Digital Bank Next Year?