{"id":2594,"date":"2023-01-19T01:05:15","date_gmt":"2023-01-19T01:05:15","guid":{"rendered":"https:\/\/nftmetta.com\/?p=2594"},"modified":"2023-01-19T01:05:16","modified_gmt":"2023-01-19T01:05:16","slug":"google-ads-delivered-malware-drains-nft-influencers-entire-crypto-wallet","status":"publish","type":"post","link":"https:\/\/nftmetta.com\/google-ads-delivered-malware-drains-nft-influencers-entire-crypto-wallet\/","title":{"rendered":"Google Ads-delivered malware drains NFT influencer\u2019s entire crypto wallet"},"content":{"rendered":"\n

January 19, 2023<\/p>\n\n\n\n

By Sharan Kaur Phillora<\/p>\n\n\n\n

Malware operators have been increasingly abusing the Google Ads platform to spread malware to unsuspecting users searching for popular software products. <\/p>\n\n\n\n

One such case that came into light recently involved a crypto wallet linked to an NFT influencer, who had a \u201clife-changing amount\u201d of their net worth in NFTs balance drained by malicious actors while downloading software found via a Google Ad search result.<\/p>\n\n\n\n

Here’s what we know:<\/strong><\/p>\n\n\n\n

Known to the crypto world as “NFT God” aka Alex, this pseudo-anonymous influencer took to Twitter and shared tweets<\/u><\/a> claiming his \u201centire digital livelihood\u201d came under attack.<\/p>\n\n\n\n

He says he meant to download OBS, an open-source video streaming software. But the sponsored advertisement  for the software, which he found through a Google Search, led to a Trojan download.<\/p>\n\n\n\n

After two hours he saw series of phishing tweets posted by attackers on two Twitter accounts that Alex operates. He then noticed his crypto wallet was also  drained. But that’s not all. The attackers breached his Substack account and sent phishing emails to his 16,000 subscribers.<\/p>\n\n\n\n

This is an alarming case as it shows how attackers are using sponsored Google Ads to spread malware and phishing links. It also highlights the importance of being vigilant when it comes to downloading software from search results.<\/p>\n\n\n\n

One good way to block these campaigns is to activate an ad-blocker on your web browser, which filters out promoted results from Google Search.<\/p>\n\n\n\n

Another precaution would be to scroll down until you see the official domain of the software project you\u2019re looking for. If unsure, the official domain is listed on the software\u2019s Wikipedia page.<\/p>\n\n\n\n

If you visit the website of a particular software project frequently to source updates, it\u2019s better to bookmark the URL and use that for direct access.<\/p>\n\n\n\n

A common sign that the installer you\u2019re about to download might be malicious is an abnormal file size.<\/p>\n\n\n\n

Another clear giveaway of foul play is the domain of the download site, which may resemble the official one but has swapped characters in the name or a single wrong letter, known as \u201ctyposquatting.\u201d<\/p>\n\n\n\n

About the author<\/strong><\/strong><\/p>\n\n\n\n

Sharan Kaur Phillora\u2019s thirst for knowledge has led her to study many different subjects, including NFTs and Blockchain technology \u2013 two emerging technologies that will change how we interact with each other in the future. When she isn\u2019t exploring a new idea or concept, she enjoys reading literary masterpieces.<\/p>\n","protected":false},"excerpt":{"rendered":"

January 19, 2023 By Sharan Kaur Phillora Malware operators have been increasingly abusing the Google Ads platform to spread malware to unsuspecting users searching for popular software products.  One such […]<\/p>\n","protected":false},"author":1,"featured_media":2598,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""}},"footnotes":""},"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/nftmetta.com\/wp-json\/wp\/v2\/posts\/2594"}],"collection":[{"href":"https:\/\/nftmetta.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nftmetta.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nftmetta.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/nftmetta.com\/wp-json\/wp\/v2\/comments?post=2594"}],"version-history":[{"count":1,"href":"https:\/\/nftmetta.com\/wp-json\/wp\/v2\/posts\/2594\/revisions"}],"predecessor-version":[{"id":2599,"href":"https:\/\/nftmetta.com\/wp-json\/wp\/v2\/posts\/2594\/revisions\/2599"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/nftmetta.com\/wp-json\/wp\/v2\/media\/2598"}],"wp:attachment":[{"href":"https:\/\/nftmetta.com\/wp-json\/wp\/v2\/media?parent=2594"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nftmetta.com\/wp-json\/wp\/v2\/categories?post=2594"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nftmetta.com\/wp-json\/wp\/v2\/tags?post=2594"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}