NFTs Worth Over $27,000 Stolen Via Malware Wrapped in Google Ads, Victim Loses Life Savings

Share

NFTs nearly $30,000 (roughly Rs. 24 lakh) have reportedly been stolen from an NFT influencer, who goes by the pseudonym ‘NFT God’ on Twitter. The influencer has claimed that his wallet full of digital collectibles was drained in a hack attack. Valuable NFTs worth nearly $30,000 (roughly Rs. 24 lakh) were drained out of his wallet, after he engaged with a sponsored advertisement on Google’s search engine, that replicated an open-source video streaming software which the victim was searching for in the first place.

Along with the costliest Mutant Ape Yacht Club (MAYC) NFT, a bunch of other NFTs amounting to ETH 19 amounting upto over Rs. 24 lakh have been reported stolen, as per Etherscan.

The verified Twitter account of ‘NFT God’, that has over 91,000 followers, mostly from the crypto community, posted about the incident warning others against being scammed.

“My Twitter was hacked. I pop open the OpenSea bookmark of my ape and there it is. A completely different wallet listed as the owner. I knew at that moment it was all gone. Everything. All my crypto and NFTs ripped from me,” the influencer tweeted.

The hack took place on January 15, according to the influencer.

Last week, cybersecurity firm Cyble had sounded a warning against malware that was hunting for phishing victims via Google ads. The name of this malware was dubbed “Rhadamanthys Stealer” by the company.

“Rhadamanthys stealer spreads by using Google Ads that redirect the user to phishing websites that mimic popular software such as Zoom, AnyDesk etc. It can also spread via spam email containing an attachment for delivering the malicious payload. The TAs behind this campaign also created a highly convincing phishing webpage impersonating legitimate websites to trick users into downloading the stealer malware The link to these phishing websites spreads through Google ads,” Cyble had said in its report. Google is yet to issue a statement related to the claims of the NFT influencer.

While sharing details of his ordeal with his followers on Twitter, the victim claimed that he made an error during setting up his Ledger account on his new computer, that may have given access to his social networking accounts and digital wallets to the hacker.

“I go to set up my Ledger with it and I make a critical mistake. I set it up as a hot wallet instead of a cold wallet,” he noted.

Hot wallets are connected to the Internet making them more susceptible to hacking attempts, whereas cold wallets are ones that store crypto tokens offline, but their drawback is that they could be lost or damaged by the holders.

As per a CoinTelegraph report, most of the stolen ETH were sent to a decentralised exchange called FixedFloat via multiple wallets.

This is not the first instance, where Google ads have been used in conjunction with phishing malware. In October 2022, Binance CEO Changpeng Zhao had also warned crypto investors against malicious actors targeting them via Google.

In September, Google Play Store analytics had revealed that two apps — Mister Phone Cleaner and Kylhavy Mobile Security were infected with a malware called SharkBot that was capable of stealing cookies from accounts and while bypassing authentication methods that require user input, such as fingerprints.


Affiliate links may be automatically generated – see our ethics statement for details.