December 21, 2023 at 04:28PM
Google and Twitter ads are promoting a malicious cryptocurrency drainer called ‘MS Drainer,’ responsible for stealing $59 million from over 63,000 victims. The drainer operates through phishing websites and malicious contracts, with its source code sold to cybercriminals for $1,500. Fraudulent ads for MS Drainer appear on Google and Twitter, often from hacked “verified” accounts. ScamSniffer recommends caution when encountering cryptocurrency-related ads.
Key takeaways:
1. A cryptocurrency drainer named ‘MS Drainer’ has stolen $59 million from 63,210 victims over the past nine months through over ten thousand phishing websites. The drainer is designed to drain funds from a user’s cryptocurrency wallet without their consent.
2. The source code for ‘MS Drainer’ is sold to cybercriminals for $1,500 by ‘Pakulichev’ or ‘PhishLab,’ who also charges a 20% fee on any stolen funds. Additional modules with new features are sold for $500 to $1,000.
3. ‘MS Drainer’ is being promoted through fraudulent ads on Google and Twitter, with the Google ads exploiting a tracking template loophole and the Twitter ads being posted from legitimate “verified” accounts. The cybercriminals also employ detection bypass methods like geofencing to target specific users.
4. The ads on X (Twitter) also promote NFT airdrops and new token launches on sites that contain the drainer. Because trustworthy accounts that have been hacked are now displaying advertisements for malicious sites, these attacks may be even more successful.
5. Users are advised to exercise caution when encountering cryptocurrency-related ads and to perform due diligence before connecting their wallets or signing up for new platforms.
These takeaways highlight the severity and complexity of the ‘MS Drainer’ cryptocurrency scam and emphasize the need for increased vigilance and due diligence when engaging with cryptocurrency-related platforms and ads.