With billions of dollars invested in the cryptocurrency industry, it was only a matter of time before criminal organizations tried to steal some of it. A group of researchers found a cybercriminal gang that managed to steal millions of dollars in the form of Bitcoin from numerous people through Google AdWords exploits.
Cisco Talos Cybersecurity Experts
The experts who found this cybercriminal gang work for Cisco Talos, a cybersecurity firm. They were helped by the Ukraine Cyberpolice, which tracked and monitored every move the group made during the past six months.
The Coinhoarder
The gang is dubbed “Coinhoarder”, and its activities revolve around phishing. These activities were first spotted in February 2017, and this is what grabbed the attention of Cisco Talos and the Ukrainian Cyberpolice.
Moreover, the gang focused its attention on the Bitcoin wallet platform blockchain.info and managed to exploit it through phishing links.
“This campaign was unique in that adversaries leveraged Google AdWords to poison user search results in order to steal the user’s wallets. Since Cisco observed this technique, it has become increasingly common in the wild with attackers targeting many different crypto wallets and exchanges via malicious ads,” said the spokesperson for Cisco Talos.
The hackers stole Bitcoin wallets by establishing “gateway” phishing links that would automatically appear in search results for people who searched for information about cryptocurrency, such as Bitcoin and Bitcoin Wallet.
Furthermore, the links were bolstered by the purchase of Google AdWords, which would send victims to malicious websites featuring phishing content that changed according to the user’s IP address and regional language, thus making the malicious websites look official.