As a result of a widespread phishing campaign in search engines, hundreds of cryptocurrency wallet users transferred more than $500,000 to the scammers. Researchers from Check Point Research (CPR) report.
According to CPR researchers, the attackers impersonated the popular wallets MetaMask and Phantom and used Google ads to spread phishing links.
Phishing pages resemble the official wallet sites in design, but the apps installed from them are used to steal cryptocurrency.
“When creating a new Phantom wallet, the phishing site generates a message about the secret phrase to recover the wallet for the attacker. In effect, when transferring funds, the user sends them directly to the scammers. In the case of MetaMask, they also attempt to steal the user’s seed phrase,” CPR said.
In addition to wallets, hackers clone sites of decentralized exchanges, including Uniswap and PancakeSwap.
CPR experts advised cryptocurrency holders to refrain from clicking on ads and to use only direct, known URLs.
Earlier this year, Google prevented a massive hack of YouTube channels used for Bitcoin fraud.
Follow ForkLog’s Bitcoin news on our Telegram — cryptocurrency news, prices and analysis.