Hackers Placed Malicious Ads on Google Ads and Stole $4 Million in Cryptocurrency

A group of cybercriminals who specialize in phishing operations have been deceiving UST cryptocurrency account holders on the Terra blockchain.

The attackers targeted owners of wallets holding UST, a popular cryptocurrency in the Terra blockchain ecosystem. According to experts from cybersecurity company Knowsec, hackers stole $4.31 million from 52 wallets from April 12 to 21 this year. The wallets of all Terra users contain about 4,11,901 UST tokens, which is approximately $4,111,900 million, and 2,089 LUNA tokens (part of the Terra ecosystem) worth $197,269.

According to the study, the phishing ad occupied the first advertising spot in the search for the query "Terra bridge" in Google. The ad displayed the official website address - bridge.terra.money. However, after clicking on the ad, the user was transferred to a third-party fraudulent resource - bridge.terra.money.biz.

At the moment, the site has already been marked by the Google search engine as potentially malicious. The design of the resource almost completely reproduces the official Terra site. When entering the site, the user is immediately shown a pop-up window with a form to log in to their personal wallet.

One of the moderators of the official Terra Discord channel reported that he noticed the scam ads and reported them to Google. Several users and members of the Discord channel also reported that they warned Google about malicious ads.

According to the moderator, these ads have been harassing investors for months. Another Terra moderator warned users and Twitter channel members in March that scammers were distributing ads to those who store their crypto savings using the Anchor protocol.

"Over the past few months, we've received a lot of negative messages about Terra in the Discord channel, in which users talked about their savings being stolen. The moderation team decided to check these statements and came to the conclusion that the deceived users had one thing in common: they all went to the Anchor 'site' from a Google search. Once users provided us with their browser search history, we understood how exactly they got to the fraudulent site," the moderator said.

"The scammers operated according to the following scheme: they placed fake ads via Google Ads, from which they directed users to a duplicate of the official website from the Terra ecosystem with a similar domain name. There, they asked users to enter their crypto wallet account details to synchronize products. This is how the scammers gained access to users' wallets," he added.

This phishing attack shows how creative hackers can be in trying to trick cryptocurrency holders. It also shows how easily they can steal millions of dollars in cryptocurrency without hacking anyone.

Over the past few months, hackers have attacked a number of cryptocurrency-related companies: the games Axie Infinity and WonderHero, which specialize in earning cryptocurrency from playing; the stablecoin Beanstalk; Poly Network; the cross-platform Wormhole; the popular exchange Crypto.com; Multichain; the cryptocurrency company Vulcan Forge; BadgerDAO; and the exchange BitMart.

A Google spokesperson said: "Protecting users from ad fraud and data theft is a priority, which is why we have strict policies in place to detect and block ad phishing attempts. In response, we reviewed the advertiser's account and took appropriate action. We are committed to ensuring this does not happen again."
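
The lookalike described above works because bridge.terra.money.biz begins with the official name but its right-most labels, which decide who controls the host, are not terra.money. The check below is an added example, not part of the original post or of any Terra or Google tooling; it assumes terra.money is the trusted parent domain, and the function names and sample URLs are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumption: terra.money is the trusted parent of bridge.terra.money.
OFFICIAL_DOMAINS = ("terra.money",)

# Constructed browser-history sample (not real data).
HISTORY = [
    "https://bridge.terra.money/",
    "https://bridge.terra.money.biz/",
    "https://www.example.org/search?q=terra+bridge",
]

def host_of(url):
    """Lower-cased hostname of a URL; a missing scheme is tolerated."""
    if not re.match(r"^[a-z][a-z0-9+.-]*://", url, re.I):
        url = "//" + url
    return (urlsplit(url).hostname or "").rstrip(".").lower()

def classify(url, official=OFFICIAL_DOMAINS):
    """Return 'official', 'lookalike' or 'unrelated' for a URL."""
    labels = host_of(url).split(".")
    for domain in official:
        want = domain.split(".")
        n = len(want)
        # Trusted only when the official domain is the right-most labels.
        if labels[-n:] == want:
            return "official"
        # The official labels anywhere further left mean the host sits
        # under a different parent domain that merely embeds the name.
        if any(labels[i:i + n] == want for i in range(len(labels) - n)):
            return "lookalike"
    return "unrelated"

def audit_ad(display_url, landing_url):
    """True when an ad shows an official address but lands elsewhere."""
    return (classify(display_url) == "official"
            and classify(landing_url) != "official")

def triage(history):
    """Return the history entries that point at lookalike hosts."""
    return [u for u in history if classify(u) == "lookalike"]

if __name__ == "__main__":
    for entry in HISTORY:
        print(classify(entry), entry)
    print(audit_ad("bridge.terra.money", "https://bridge.terra.money.biz/"))
```

The comparison is on whole DNS labels from the right, so it does not catch hyphenated or misspelled variants of the name; those need a separate similarity check.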
 