Phishing Ads Detected on Etherscan and Other Platforms
A user known as McBiblets has discovered “wallet drainers” embedded in advertisements on the Ethereum explorer site Etherscan.
All the other phishing sites it’s linked to pic.twitter.com/4PjxnYn3ny
— McBiblets (@mcbiblets) April 7, 2024
According to his analysis, the fraudulent banners are connected to other phishing websites related to digital assets through the domain “ipjsonapi.”
When users click on the link, they are prompted to link their crypto wallet to receive a service, allowing attackers to gain control over the victim’s account.
Experts at ScamSniffer noted that similar malicious crypto ads have been observed on search engines like Google, Bing, and DuckDuckGo, as well as Twitter.
??️♂️ Alert: Phishing ads running rampant on Google, Twitter, Bing, & DuckDuckGo are now targeting Etherscan users.
Etherscan aggregates ads from platforms like Coinzilla & Persona, where insufficient filtering could lead to exposure to phishing attempts.?️? pic.twitter.com/EGDLiCrrAa
— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) April 8, 2024
Researchers suggested vulnerabilities might exist in the ad placement services’ analysis mechanisms.
“Etherscan displays ads from platforms like Coinzilla and Persona, where insufficient filtering leads to phishing attempts,” explained ScamSniffer.
The Chief Information Security Officer of SlowMist, known as 23pds, also warned about malicious content on Etherscan.
? 注意了,有钓鱼广告上etherscan投放广告 https://t.co/gMAwZJwMeF
— 23pds (@im23pds) April 7, 2024
Previously, the founder of the Ordinal Rugs project fell victim to phishing on the Bitcoin Rock Discord server, resulting in a loss of $380,000 in assets.
In March, X accounts of several crypto industry influencers were compromised to promote the scam token PACKY. The hacker gained access through the IFTTT (If This then That) post automation service.
According to ScamSniffer, in February, over 57,000 users fell victim to phishing, losing a total of approximately $47 million in digital assets.
Рассылки ForkLog: держите руку на пульсе биткоин-индустрии!