Pages:
Author

Topic: Hackers Stole $50 Million in Cryptocurrency Using 'Poison' Google Ads (Read 318 times)

jr. member
Activity: 248
Merit: 1
http://fortune.com/2018/02/14/bitcoin-cryptocurrency-blockchain-wallet-hack/

Quote
For years, hackers have robbed Bitcoin investors, emptying their cryptocurrency wallets without fear of being caught thanks to the relative anonymity of the blockchain. Now, Cisco (csco, +5.04%) has exposed the thieves behind a string of particularly flagrant attacks.

A Ukrainian hacker group dubbed Coinhoarder has stolen more than $50 million in cryptocurrency from users of Blockchain.info, one of the most popular providers of digital currency wallets, according to a report published Wednesday by Cisco’s Talos cybersecurity team.

The report explains how thieves preyed upon their victims using a “very simple” yet treacherous technique: Buying Google ads on popular search keywords related to cryptocurrency “to poison user search results” and snatch the contents of crypto wallets. This meant people Googling terms like “blockchain” or “bitcoin wallet,” saw links to malicious websites masquerading as legitimate domains for Blockchain.info wallets.

For example, the poison ads included “spoofed” links with small types like “blokchien.info/wallet” and “block-clain.info,” which sent visitors to a landing page that mirrored actual websites of the company Blockchain, which runs both the domains Blockchain.info and blockchain.com. (The legitimate sites appeared lower in results than the “poisoned” links, according to Cisco’s report.)

Fooled into believing they had come to the right place, victims then entered private information that allowed the hackers to gain access to their actual wallets and take their digital money. “The attackers needed only to continue purchasing Google AdWords to ensure a steady stream of victims,” the Talos team led by Jeremiah O’Connor and Dave Maynor said in their report.

Blockchain, for its part, is working with Google “on a daily basis” to take down phishing ads, and secured the removal of almost 10,000 such malicious websites last year, along with another 3,000 it flagged in January alone, according to Blockchain CEO and co-founder Peter Smith.

The solution to this is not using Google to navigate. If you already have an account at blockchain.info or an exchange, BOOKMARK the url and go straight to that instead of googling the exchange name.

yeah i noticed the majority of google ads with certain keywords give out the fake phishing links. It's really annoying and dangerous especially for noobs who have no experience.
legendary
Activity: 1484
Merit: 1026
In Cryptocoins I Trust
A Ukrainian hacker group dubbed Coinhoarder

Just popping in to say that I obviously have nothing to do with this, because I don't know any Ukranians....

Well... as long as you don't count the random Ukranian couple I met while staying at a hostel in Amsterdam, with whom I have not had any contact ever since. 😂
sr. member
Activity: 1007
Merit: 279
Payment Gateway Allows Recurring Payments
Google should really have a manual verification process for untrusted ad partners, ensuring that they are not mimicking similar services, or sites that cater for sensitive information. To some degree, I think Google is responsible for the losses incurred by these users. To be honest though, you need to be pretty stupid to be fooled by the old domain switcheroo attack. e.g. www.blockchain.info.xyz could be used instead of the actual domain. Most browsers even highly the domain extension and flag up potentially malicious sites. So these people must be either 1. Woefully ignorant, 2. Not adequately secured, or 3. Both.

It's been so long and yet they still haven't learned. Sorry for necro bump but this really F***ing annoys me.
member
Activity: 266
Merit: 32
Always hackers find new ways how to fool system, by this reason my recommendation never lost their actuality - Use dedicated laptop for wallet operations

For years, hackers have robbed Bitcoin investors, emptying their cryptocurrency wallets without fear of being caught thanks to the relative anonymity of the blockchain. Now, Cisco (csco, +5.04%) has exposed the thieves behind a string of particularly flagrant attacks.
hero member
Activity: 1190
Merit: 534
Exactly! if we have shown interest in the bitcoin or blockchain on social media then we are the part of huge ad-bombing taking place on these platforms. Phishing through platforms like FB, Google is still easy to conduct and it is really frustrating. The mass awareness is the only solution I do see when it comes to the issues like this one.

There is a huge power lies in Cryptocurrencies but as Uncle Ben says "With Great Power Comes Great Responsibility". In crypto we are responsible for our actions.
member
Activity: 420
Merit: 10
Always hackers find new ways how to fool system, by this reason my recommendation never lost their actuality - Use dedicated laptop for wallet operations
full member
Activity: 1470
Merit: 108
Google Adds should include a reputation score of some sort. This way the well known companies with legit adds could be identified by us users easily, while scrutinizing the rest.
Also Google should work on shutting down adds that link to scams (i.e. no reputation + x amount of negatives -> shutdown), similarly to how antiviruses do.

Google already has very strict mechanisms to detect such ads. As an internet marketer, I have suffered a lot because of their strict policies. They completely ban your Adwords account if they notice any suspicious activity like promoting scams or illegal offers. Sometimes people are able to find loopholes and these are exploited till Google notices and patches them.
member
Activity: 266
Merit: 32
Ayay sir, i will bookmark my wallet website from now. Thank you for sharing this information

Direct source/website is good. Use less Google
legendary
Activity: 1652
Merit: 1088
CryptoTalk.Org - Get Paid for every Post!
Google made profits from those "poison ads" ??
Yes. Google makes a small profit every time someone clicks an ad.
It would be interesting to see what happens if someone sues Google over this. For example, if you search for "ChipMixer" (the one in my signature is the real one), Google advertises a phishing website. I have reported the phishing site to Google on December 15, 2017, and I know other people have reported it too. Google simply ignores it, allows scammers to advertise, and earns from this. Doesn't that make Google responsible for all people who get scammed since the fake site was first reported?


Perhaps report Google to the FTC? I think they regulate online advertising:

https://www.ftc.gov/tips-advice/business-center/advertising-and-marketing/online-advertising-and-marketing
newbie
Activity: 294
Merit: 0
Ayay sir, i will bookmark my wallet website from now. Thank you for sharing this information
member
Activity: 266
Merit: 32
Google need to tighten their security regarding advertising. They cannot let websites like this use Google Adsense...

YES, less Google Adsense
hero member
Activity: 611
Merit: 500
Google need to tighten their security regarding advertising. They cannot let websites like this use Google Adsense...
legendary
Activity: 1190
Merit: 1001
how google improve the website without any verification , IF we place an ad with same keyword with high bid that person always win. In this google made money But at least we people must watch the address we are opening that is right or wrong. Most of cases i seen that people search a word and they open first website which google shows and it was an add. Google get paid and That website tell all traffic.

always bookmark the urls u often visit otherwise we will lose our secure funds and always install proper internet security antivirus
legendary
Activity: 2338
Merit: 10802
There are lies, damned lies and statistics. MTwain
Google Adds should include a reputation score of some sort. This way the well known companies with legit adds could be identified by us users easily, while scrutinizing the rest.
Also Google should work on shutting down adds that link to scams (i.e. no reputation + x amount of negatives -> shutdown), similarly to how antiviruses do.
member
Activity: 210
Merit: 10
one thing I hate most in the internet world is hackers, they abuse their intelligence to harm many parties
they hack the system, steal valuable assets, as well as valuable information that is neatly stored with the intention of pleasure or to gain profit for themselves, and now I feel very anxious when doing transactions, they can come anytime
pick up and leave without leaving a trail and without feeling guilty
member
Activity: 266
Merit: 32
It would be interesting to see what happens if someone sues Google over this. For example, if you search for "ChipMixer" (the one in my signature is the real one), Google advertises a phishing website. I have reported the phishing site to Google on December 15, 2017, and I know other people have reported it too. Google simply ignores it, allows scammers to advertise, and earns from this. Doesn't that make Google responsible for all people who get scammed since the fake site was first reported? They don't seem to care about people getting scammed, as long as they earn from it.

the main problem is Google's multi-billion dollar software which rules the internet keeps showing/bombards "google ads" all over the internet.
member
Activity: 266
Merit: 32
Yes. Google makes a small profit every time someone clicks an ad.The hackers paid google by the click, and they probably thought it was very cheap for the gains they were making through hijacking people's wallets.

Why do people click/see google ads.

Other ways such as "forum signatures" are safer than google ads.


Like I said: bookmark the urls of the exchanges you use. Don't google them.

Use and throw google.com  Grin
member
Activity: 266
Merit: 32
Google should really have a manual verification process for untrusted ad partners, ensuring that they are not mimicking similar services, or sites that cater for sensitive information. To some degree, I think Google is responsible for the losses incurred by these users. To be honest though, you need to be pretty stupid to be fooled by the old domain switcheroo attack. e.g. www.blockchain.info.xyz could be used instead of the actual domain. Most browsers even highly the domain extension and flag up potentially malicious sites. So these people must be either 1. Woefully ignorant, 2. Not adequately secured, or 3. Both.

Google has multi-billion dollars software which shows "google ads" all over the internet. They track users activities on the internet and "google ads" become headaches. Google has been responsible for killing "internet marketing".

Why click/see google ads ?
legendary
Activity: 1904
Merit: 1074
http://fortune.com/2018/02/14/bitcoin-cryptocurrency-blockchain-wallet-hack/

Quote
For years, hackers have robbed Bitcoin investors, emptying their cryptocurrency wallets without fear of being caught thanks to the relative anonymity of the blockchain. Now, Cisco (csco, +5.04%) has exposed the thieves behind a string of particularly flagrant attacks.

A Ukrainian hacker group dubbed Coinhoarder has stolen more than $50 million in cryptocurrency from users of Blockchain.info, one of the most popular providers of digital currency wallets, according to a report published Wednesday by Cisco’s Talos cybersecurity team.

The report explains how thieves preyed upon their victims using a “very simple” yet treacherous technique: Buying Google ads on popular search keywords related to cryptocurrency “to poison user search results” and snatch the contents of crypto wallets. This meant people Googling terms like “blockchain” or “bitcoin wallet,” saw links to malicious websites masquerading as legitimate domains for Blockchain.info wallets.

For example, the poison ads included “spoofed” links with small types like “blokchien.info/wallet” and “block-clain.info,” which sent visitors to a landing page that mirrored actual websites of the company Blockchain, which runs both the domains Blockchain.info and blockchain.com. (The legitimate sites appeared lower in results than the “poisoned” links, according to Cisco’s report.)

Fooled into believing they had come to the right place, victims then entered private information that allowed the hackers to gain access to their actual wallets and take their digital money. “The attackers needed only to continue purchasing Google AdWords to ensure a steady stream of victims,” the Talos team led by Jeremiah O’Connor and Dave Maynor said in their report.

Blockchain, for its part, is working with Google “on a daily basis” to take down phishing ads, and secured the removal of almost 10,000 such malicious websites last year, along with another 3,000 it flagged in January alone, according to Blockchain CEO and co-founder Peter Smith.

The solution to this is not using Google to navigate. If you already have an account at blockchain.info or an exchange, BOOKMARK the url and go straight to that instead of googling the exchange name.

NOPE!!!! Do not Bookmark these sites, because even Bookmarks can be changed. This will only create a false sense of security,

if people trust their own Bookmarks. Just type the damn URL and stop being lazy, because it is going to cost you money. Also,

DO NOT trust auto complete. These viruses or Malware can change the auto complete data too and then re-direct you to the

Phishing site. Use your eyes and double check the URL you typed. Blockchain.info takes 3 to 4 seconds to type for average

users... that is definitely not that much trouble.  Roll Eyes
member
Activity: 238
Merit: 10
Ddos attack, phishing attacks inflict damage on the not quite securely protected system, in such cases, if a large account is in the purse, you should check it every half day, so that it's not scary for your income
Pages:
Jump to: