Crypto Hackers Target Google Search & X Ads To Drain $58 Mln From 63K Users

In an alarming trend that has gained momentum over the last year, a new variant of Internet threat, the Wallet Drainers, have taken their toll on innocent victims. Using a combination of highly advanced methods, these fraudsters have indulged in phishing scams that resulted in draining money from over 63,000 victims.

Wallet Drainer Scam Statistics

In the past nine months alone, the Wallet Drainer has been connected to $58.98 million worth of stolen crypto from 63,210 victims. These startling figures highlight the seriousness of the problem. In addition, peaks in phishing site activities were seen in May, June, and November this year. These statistics suggest that the threat isn’t over yet.

One of the main Wallet Drainers scam was conducted via Google search ad phishing, and was first detected in March. Earlier, in April, the SlowMist team joined in, sharing their insights into the dark pathways left by these criminals. Furthermore, in June, security analyst ZachXBT found out that there had been a string of X phishing adverts-all on the same Drainer-published under the doomy title “Ordinal Bubbles.”

A random sampling of X ads revealed that almost 60% of the phishing ads used this type of Wallet Drainer. However, their influence does not stop at X’s platform. In addition, according to a recent report by Scam Sniffer, it has been learned that Wallet Drainer had 10,000 phishing websites tied to this threat.

Overview Of Wallet Drainer Scams

The defining characteristic of this Drainer is its omnipresence in all phishing attack vectors. These scammers employ supply chain attacks, phishing attacks via Discord, SimSwap attacks, DNS attacks, and traditional email phishing attacks. It is observed that the attackers in question were highly skilled at evading ad audits. They accomplished their mission with the use of regional targeting-displaying different content to users in different regions. This tactic undermines the ability of the auditing process to scrutinize traditional media, making it all the more difficult.

Deception tactics were also improved and this only added to the credibility of these phishing advertisements. The scammers pretended to operate from official domains, like StarkNet, and tricked users into coming to the malicious site.