In a relentless spree of deceit, scammers pilfered a staggering $3 million in cryptocurrencies on Christmas Day alone. Operating under the radar, these fraudulent actors capitalized on Google Ads, luring unsuspecting users into nefarious schemes by directing them to counterfeit versions of popular Web3 platforms. The sophisticated exploitation of wallet-draining software in tandem with deceptive advertisements has continued despite previous alerts to Google Ads security earlier in 2023.
Reportedly, Scam Sniffer, a vigilant security firm, uncovered the latest wave of phishing attacks linked to the same malicious addresses registered in their scam database. The targeted platforms included notable names such as Zapper, Lido, Stargate, DefiLlama, Orbiter Finance, and Radient.
Screenshots shared by Scam Sniffer detailed the specific cryptocurrencies siphoned off in separate incidents—WBTC, aPolUSDT, aUSDC, and USDT—affecting numerous victims ensnared by these fraudulent sites.
Despite efforts to alert Google Ads security about the ongoing proliferation of these fake websites and the implementation of wallet-draining software as far back as April 2023, Scam Sniffer’s attempts to engage with the platform have not yielded any response yet. This lack of action underscores the urgency of addressing these critical security loopholes that continue to facilitate these sophisticated cryptocurrency scams, leaving unsuspecting users vulnerable to substantial financial losses.