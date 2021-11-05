Last weekend, an unknown group of scammers managed to steal about $ 500,000 worth of cryptocurrency from citizens. According to Check Point Research (CPR), they launched a Google Ads advertising campaign, in which ads led to sites copying the popular Phantom App and MetaMask cryptocurrency wallets.

In addition to having a similar look and feel, the sites had similar URLs to their original. For example, a copy of the site phantom.app was created at phantonn.app. A gullible user visits such a site and tries to enter their personal account, and scammers steal data from the account. If the victim tries to create a new wallet, a secret recovery phrase is substituted for him – by entering it, the victim finds himself under the account of the fraudster, and any funds transferred to this wallet end up with the attacker.

Phantom and MetaMask are some of the most popular wallets for Solana and Ethereum cryptocurrencies. Using the Reddit forum, it was possible to establish that about $ 500,000 were stolen over the weekend alone, 11 compromised crypto wallet accounts with assets in the amount of $ 1,000 to $ 10,000 were also discovered – the funds were withdrawn before CPR specialists had time to do anything. Overall, the company concluded that scam groups are now betting on search ads on Google, and this strategy is quite effective. To counteract cybercriminals, it is recommended to remember the correct addresses of wallet resources and skip advertisements when searching so as not to fall for the trick of scammers.