- I use this cheap Android tablet more than my iPad Pro - and don't regret it
- Change these 10 iOS settings right now to instantly get better iPhone battery life
- How to clear the cache on your Windows 11 PC (and why you shouldn't wait to do it)
- These Sony headphones deliver premium sound and comfort - without the premium price
- The LG soundbar I prefer for my home theater slaps with immersive audio - and it's not the newest model
Crypto Drainer Steals $59m Via Google and X Ads
Security researchers have discovered a new series of “crypto drainer” malware attacks that have stolen $59m from victims so far after luring them to phishing pages via Google and X (formerly Twitter) ads.
A crypto drainer is a type of malware that tricks the user into approving a transaction which then automatically drains their cryptocurrency wallets. Scam Sniffer revealed that one particular version, MS Drainer, was behind the new spate of attacks.
Victims are lured to phishing pages featuring the malware by clicking on Google and X ads linked to keywords from the DeFi world such as Zapper, Lido, Stargate, Defillama, Orbiter Finance and Radiant, the firm said.
These malicious ads were first detected in March and use several techniques to bypass ad audits, such as targeting only specific regions and using “redirect deception” to take users to phishing sites.
Read more on malicious advertising: Microsoft’s Bing AI Faces Malware Threat From Deceptive Ads
Scam Sniffer said it has observed around 10,000 phishing sites since March using drainers and claimed 60% of phishing ads on X take users to malware designed to steal their virtual currency.
MS Drainer in particular has stolen $59m from 63,210 victims over the past nine months, it said.
Scam Sniffer found the drainer for sale on a dark web forum. Unlike other similar malware that is fully managed, with developers charging a 20% fee, MS Drainer’s administrators sell the source code direct to all-comers.
The security vendor urged internet users to remain cautious when interacting with online advertising and demanded the ad industry up its game.
“As can be seen, advertising has become an important means for phishing scammers to reach their victims. By targeting specific audiences through Google search terms and the following base of X, they can select specific targets and launch continuous phishing campaigns at a very low cost,” it concluded.
“Combined with the utilization of domain spoofing and bypassing ad reviews, users are facing continuous phishing threats. Ad platforms need to enhance their verification processes to prevent malicious actors from exploiting their services.”
