Search Engine Advertising serving Phished Client Wallets, Thieves stole 500K in ether crypto

13


Open Source software is free and great, but hackers (phishers) using it to exploit search engines by buying high click through Ads:

Anyone who clicked on these Ads, transferred the money and stole the private key to this address, which has around 500K of money:
https://ethplorer.io/address/0x9f724e75506f297b9b9591a3a3d62fbf9e43d6d0

They are pretty sophisticated hacks, they are man in middling using tracker urls, and the url is using unicodes in the domain to phish. Which is very hard to glance, look at these examples, they area working phished sites.

Yesterday the ad was pointing to this:

https://www.xn--mytherwaet-9k2ea69n.com/api => https://www.myẹtherwaḷḷet.com/api/

Today it is pointing to:

https://www.xn--myetheralle-7b9ezl.com/api/ => https://www.myetherẇalleṭ.com/api/

Their man in middle tracking service was basically serving phished sites to new users and real sites to reoccurring users, hoping no one catches them.

Remember to always bookmark your client wallets.

LEAVE A REPLY

Please enter your comment!
Please enter your name here