Google Ads-delivered malware drains NFT influencer’s entire crypto wallet

An NFT influencer claims to have lost “a life-changing amount” of their net worth in nonfungible tokens (NFTs) and crypto after accidentally downloading malicious software found in a Google Ad search result.

The pseudo-anonymous influencer known on Twitter as “NFT God” posted a series of tweets on Jan. 14 describing how his “entire digital livelihood” came under attack including a compromise of his crypto wallet and multiple online accounts.

NFT God, known also as “Alex” said he used Google’s search engine to download OBS, an open-source video streaming software, instead of clicking on the official website, he clicked the sponsored advertisement for what he thought was the same thing. 

It wasn’t until hours later after a series of phishing tweets posted by attackers on two Twitter accounts Alex operates that he realized malware was downloaded from the sponsored advertisement alongside the software he wanted.

Following a message from an acquaintance, Alex noticed his crypto wallet was also compromised. The day after, attackers breached his Substack account and sent phishing emails to his 16,000 subscribers.

Blockchain data shows at least 19 Ether (ETH) worth nearly $27,000 at the time, a Mutant Ape Yacht Club (MAYC) NFT with a current floor price of 16 ETH ($25,000) and multiple other NFTs were siphoned from Alex’s wallet.

The attacker moved most of the ETH through multiple wallets before sending it to the decentralized exchange (DEX) FixedFloat, where it was swapped for unknown cryptocurrencies.

Alex believes the “critical mistake” that allowed the wallet hack was setting up his hardware wallet as a hot wallet by entering its seed phrase “in a way that no longer kept it cold,” or offline which allowed hackers to gain control of his crypto and NFTs.

Related: Navigating the World of Crypto: Tips for Avoiding Scams

Unfortunately, NFT God’s experience isn’t the first time the crypto community has dealt with crypto-stealing malware in Google Ads.

A Jan. 12 report from cybersecurity firm Cyble warned of an information-stealing malware called “Rhadamanthys Stealer” spreading through Google Ads on “highly convincing phishing webpage[s].”

In October 2022, Binance CEO Changpeng “CZ” Zhao warned Google results were promoting crypto phishing and scamming websites in search results.

Cointelegraph contacted Google for comment but did not receive a response. In its help center, however, Google said it “actively works with trusted advertisers and partners to help prevent malware in ads.”

It also describes its use of “proprietary technology and malware detection tools” to regularly scan Google Ads.

Cointelegraph was unable to replicate the results of Alex’s search nor verify if the malicious website was still active.

All Dutch and English crypto news!

Breaking: Sam Bankman-Fried moet 25 jaar de bak in

Sam Bankman-Fried, de mede-oprichter van de failliete exchange FTX, is veroordeeld tot een gevangenisstraf van 25 jaar. Bankman-Fried wordt er van beschuldigd grootschalige fraude te...

Crypto users react to Sam Bankman-Fried’s 25-year sentence

Many on social media suggested that 25 years was “too light” given the former FTX CEO’s crimes, speculating that he would end up serving less...

Price analysis 3/28: BTC, ETH, BNB, SOL, XRP, ADA, DOGE, AVAX, SHIB, TON

Bitcoin is looking positive, but the up move is likely to face stiff resistance above $72,000. Price Analysis Own this piece of crypto history Collect this article as...

MetaWin Launches New Base and Arbitrum Layer 2-Powered Swap System, Boasting 2-Second Payment Speeds and Half a Cent Gas Fees

London, United Kingdom, March 28th, 2024, Chainwire MetaWin, the trailblazing platform for on-chain prize competitions, is delighted to announce the incorporation of the Base and Arbitrum...

Beste exchanges

Koop je crypto bij Bitvavo