|
Title: Hackers Stole $50 Million in Cryptocurrency Using 'Poison' Google Ads Post by: alyssa85 on February 16, 2018, 01:31:35 PM http://fortune.com/2018/02/14/bitcoin-cryptocurrency-blockchain-wallet-hack/
Quote For years, hackers have robbed Bitcoin investors, emptying their cryptocurrency wallets without fear of being caught thanks to the relative anonymity of the blockchain. Now, Cisco (csco, +5.04%) has exposed the thieves behind a string of particularly flagrant attacks. A Ukrainian hacker group dubbed Coinhoarder has stolen more than $50 million in cryptocurrency from users of Blockchain.info, one of the most popular providers of digital currency wallets, according to a report published Wednesday by Cisco’s Talos cybersecurity team. The report explains how thieves preyed upon their victims using a “very simple” yet treacherous technique: Buying Google ads on popular search keywords related to cryptocurrency “to poison user search results” and snatch the contents of crypto wallets. This meant people Googling terms like “blockchain” or “bitcoin wallet,” saw links to malicious websites masquerading as legitimate domains for Blockchain.info wallets. For example, the poison ads included “spoofed” links with small types like “blokchien.info/wallet” and “block-clain.info,” which sent visitors to a landing page that mirrored actual websites of the company Blockchain, which runs both the domains Blockchain.info and blockchain.com. (The legitimate sites appeared lower in results than the “poisoned” links, according to Cisco’s report.) Fooled into believing they had come to the right place, victims then entered private information that allowed the hackers to gain access to their actual wallets and take their digital money. “The attackers needed only to continue purchasing Google AdWords to ensure a steady stream of victims,” the Talos team led by Jeremiah O’Connor and Dave Maynor said in their report. Blockchain, for its part, is working with Google “on a daily basis” to take down phishing ads, and secured the removal of almost 10,000 such malicious websites last year, along with another 3,000 it flagged in January alone, according to Blockchain CEO and co-founder Peter Smith. The solution to this is not using Google to navigate. If you already have an account at blockchain.info or an exchange, BOOKMARK the url and go straight to that instead of googling the exchange name. Title: Re: Hackers Stole $50 Million in Cryptocurrency Using 'Poison' Google Ads Post by: First77 on February 16, 2018, 01:37:36 PM Google made profits from those "poison ads" ??
Title: Re: Hackers Stole $50 Million in Cryptocurrency Using 'Poison' Google Ads Post by: bit-freedom on February 16, 2018, 01:55:50 PM Thank you for sharing. Such phishing websites affect not only Blockchain.info but also the other popular exchanges and ICO project websites. We have to be careful about the websites accessed and use bookmarks.
Title: Re: Hackers Stole $50 Million in Cryptocurrency Using 'Poison' Google Ads Post by: kaizerblitz on February 16, 2018, 02:18:54 PM That"s nasty hackers stole $50 million of cryptocurrency i was feel so sad for those victim i hope they think before click because internet is dangerous.
Title: Re: Hackers Stole $50 Million in Cryptocurrency Using 'Poison' Google Ads Post by: @bi5ML on February 16, 2018, 02:21:59 PM Phishing attack to Blockchain, does it not enable Google Authentication? Blockchain wallet is very safe, the risk of hackers is very small. In this case the user must recognize where the attack started, whether from phishing email or anything else.
Title: Re: Hackers Stole $50 Million in Cryptocurrency Using 'Poison' Google Ads Post by: alyssa85 on February 16, 2018, 02:23:39 PM Google made profits from those "poison ads" ?? Yes. Google makes a small profit every time someone clicks an ad. The hackers paid google by the click, and they probably thought it was very cheap for the gains they were making through hijacking people's wallets. Like I said: bookmark the urls of the exchanges you use. Don't google them. Title: Re: Hackers Stole $50 Million in Cryptocurrency Using 'Poison' Google Ads Post by: Lucius on February 16, 2018, 02:37:11 PM This is very popular way to deceive users and steal their user names&paswords,and it turned out to be a very inexpensive and effective way.In last months many people reported here on forum and on Reddit that after they download Electrum wallet( as upgrade ), or as a first time wallet - that their BTC is send in transaction in a matter of a few minutes.So many check what is going on,and we see that if you search for "Electrum" in google search, first results is paying add from Google which is always phising site with fake wallet.
I report more then 15 such sites related to Electrum,but new one pops every day - and newbies are perfect targets for such trap. If you see something like that report here : Report Phishing Page (https://safebrowsing.google.com/safebrowsing/report_phish/?hl=en) Title: Re: Hackers Stole $50 Million in Cryptocurrency Using 'Poison' Google Ads Post by: hatshepsut93 on February 16, 2018, 02:37:17 PM The solution to this is not using Google to navigate. If you already have an account at blockchain.info or an exchange, BOOKMARK the url and go straight to that instead of googling the exchange name. Google has a lot of flaws, but all other search engines are much worse in quality, so abandoning Google is not an option for most people. You are right about bookmarking, but there's also additional practices like: using adblockers, ignoring ads manually (basically, just never clicking on them if they appear), verifying SSL. The biggest risk of getting scammed by malicious search results is when you use a service for the first time, so before depositing your coins or installing some software, users should always verify that this is official sites by searching for mentions across the web and verifying signatures when possible. Title: Re: Hackers Stole $50 Million in Cryptocurrency Using 'Poison' Google Ads Post by: coinsocieties on February 16, 2018, 02:43:15 PM http://fortune.com/2018/02/14/bitcoin-cryptocurrency-blockchain-wallet-hack/ Quote For years, hackers have robbed Bitcoin investors, emptying their cryptocurrency wallets without fear of being caught thanks to the relative anonymity of the blockchain. Now, Cisco (csco, +5.04%) has exposed the thieves behind a string of particularly flagrant attacks. A Ukrainian hacker group dubbed Coinhoarder has stolen more than $50 million in cryptocurrency from users of Blockchain.info, one of the most popular providers of digital currency wallets, according to a report published Wednesday by Cisco’s Talos cybersecurity team. The report explains how thieves preyed upon their victims using a “very simple” yet treacherous technique: Buying Google ads on popular search keywords related to cryptocurrency “to poison user search results” and snatch the contents of crypto wallets. This meant people Googling terms like “blockchain” or “bitcoin wallet,” saw links to malicious websites masquerading as legitimate domains for Blockchain.info wallets. For example, the poison ads included “spoofed” links with small types like “blokchien.info/wallet” and “block-clain.info,” which sent visitors to a landing page that mirrored actual websites of the company Blockchain, which runs both the domains Blockchain.info and blockchain.com. (The legitimate sites appeared lower in results than the “poisoned” links, according to Cisco’s report.) Fooled into believing they had come to the right place, victims then entered private information that allowed the hackers to gain access to their actual wallets and take their digital money. “The attackers needed only to continue purchasing Google AdWords to ensure a steady stream of victims,” the Talos team led by Jeremiah O’Connor and Dave Maynor said in their report. Blockchain, for its part, is working with Google “on a daily basis” to take down phishing ads, and secured the removal of almost 10,000 such malicious websites last year, along with another 3,000 it flagged in January alone, according to Blockchain CEO and co-founder Peter Smith. The solution to this is not using Google to navigate. If you already have an account at blockchain.info or an exchange, BOOKMARK the url and go straight to that instead of googling the exchange name. this is the good reason why we need to be carefull everytime we are opening our wallet in website for me as i always use myetherwallet as a wallet in some ERC20 tokens i bookmark the url and double check the main url if it is correct before i input my private key so that i can sure that this is not a fcking phishing sites. the same thing as i use in blockchain.info and my other wallets. what a sad for a people who lost there money for just a second while you are taking years to banking it. Title: Re: Hackers Stole $50 Million in Cryptocurrency Using 'Poison' Google Ads Post by: Payapa on February 16, 2018, 02:45:22 PM We see ads everywhere in the net nowadays. It's not surprising that hackers could utilize it since it's like a thing we see every time, yet not being vigilant enough to notice them, and their actions. I guess the lesson here is to double-check the domains of where you're going in the net, especially if it's anything that's in connection to crypto. Hardware/ paper wallets are recommended since there's no way for hackers to get into it other than getting their hands on the actual wallet in person. Bookmarking is one good way too to prevent from searching, and storing your private key someone that's not the machine you're using for browsing.
Title: Re: Hackers Stole $50 Million in Cryptocurrency Using 'Poison' Google Ads Post by: LoyceV on February 16, 2018, 02:48:14 PM Google made profits from those "poison ads" ?? Yes. Google makes a small profit every time someone clicks an ad.If you see something like that report here : Report Phishing Page (https://safebrowsing.google.com/safebrowsing/report_phish/?hl=en[/url) They don't seem to care about people getting scammed, as long as they earn from it.Title: Re: Hackers Stole $50 Million in Cryptocurrency Using 'Poison' Google Ads Post by: ostrovagaly on February 16, 2018, 02:48:43 PM Ddos attack, phishing attacks inflict damage on the not quite securely protected system, in such cases, if a large account is in the purse, you should check it every half day, so that it's not scary for your income
Title: Re: Hackers Stole $50 Million in Cryptocurrency Using 'Poison' Google Ads Post by: Kprawn on February 16, 2018, 02:54:09 PM http://fortune.com/2018/02/14/bitcoin-cryptocurrency-blockchain-wallet-hack/ Quote For years, hackers have robbed Bitcoin investors, emptying their cryptocurrency wallets without fear of being caught thanks to the relative anonymity of the blockchain. Now, Cisco (csco, +5.04%) has exposed the thieves behind a string of particularly flagrant attacks. A Ukrainian hacker group dubbed Coinhoarder has stolen more than $50 million in cryptocurrency from users of Blockchain.info, one of the most popular providers of digital currency wallets, according to a report published Wednesday by Cisco’s Talos cybersecurity team. The report explains how thieves preyed upon their victims using a “very simple” yet treacherous technique: Buying Google ads on popular search keywords related to cryptocurrency “to poison user search results” and snatch the contents of crypto wallets. This meant people Googling terms like “blockchain” or “bitcoin wallet,” saw links to malicious websites masquerading as legitimate domains for Blockchain.info wallets. For example, the poison ads included “spoofed” links with small types like “blokchien.info/wallet” and “block-clain.info,” which sent visitors to a landing page that mirrored actual websites of the company Blockchain, which runs both the domains Blockchain.info and blockchain.com. (The legitimate sites appeared lower in results than the “poisoned” links, according to Cisco’s report.) Fooled into believing they had come to the right place, victims then entered private information that allowed the hackers to gain access to their actual wallets and take their digital money. “The attackers needed only to continue purchasing Google AdWords to ensure a steady stream of victims,” the Talos team led by Jeremiah O’Connor and Dave Maynor said in their report. Blockchain, for its part, is working with Google “on a daily basis” to take down phishing ads, and secured the removal of almost 10,000 such malicious websites last year, along with another 3,000 it flagged in January alone, according to Blockchain CEO and co-founder Peter Smith. The solution to this is not using Google to navigate. If you already have an account at blockchain.info or an exchange, BOOKMARK the url and go straight to that instead of googling the exchange name. NOPE!!!! Do not Bookmark these sites, because even Bookmarks can be changed. This will only create a false sense of security, if people trust their own Bookmarks. Just type the damn URL and stop being lazy, because it is going to cost you money. Also, DO NOT trust auto complete. These viruses or Malware can change the auto complete data too and then re-direct you to the Phishing site. Use your eyes and double check the URL you typed. Blockchain.info takes 3 to 4 seconds to type for average users... that is definitely not that much trouble. ::) Title: Re: Hackers Stole $50 Million in Cryptocurrency Using 'Poison' Google Ads Post by: First77 on February 16, 2018, 02:58:47 PM Google should really have a manual verification process for untrusted ad partners, ensuring that they are not mimicking similar services, or sites that cater for sensitive information. To some degree, I think Google is responsible for the losses incurred by these users. To be honest though, you need to be pretty stupid to be fooled by the old domain switcheroo attack. e.g. www.blockchain.info.xyz could be used instead of the actual domain. Most browsers even highly the domain extension and flag up potentially malicious sites. So these people must be either 1. Woefully ignorant, 2. Not adequately secured, or 3. Both. Google has multi-billion dollars software which shows "google ads" all over the internet. They track users activities on the internet and "google ads" become headaches. Google has been responsible for killing "internet marketing". Why click/see google ads ? Title: Re: Hackers Stole $50 Million in Cryptocurrency Using 'Poison' Google Ads Post by: First77 on February 16, 2018, 03:08:01 PM Yes. Google makes a small profit every time someone clicks an ad.The hackers paid google by the click, and they probably thought it was very cheap for the gains they were making through hijacking people's wallets. Why do people click/see google ads. Other ways such as "forum signatures" are safer than google ads. Like I said: bookmark the urls of the exchanges you use. Don't google them. Use and throw google.com ;D Title: Re: Hackers Stole $50 Million in Cryptocurrency Using 'Poison' Google Ads Post by: First77 on February 16, 2018, 03:14:31 PM It would be interesting to see what happens if someone sues Google over this. For example, if you search for "ChipMixer" (the one in my signature is the real one), Google advertises a phishing website. I have reported the phishing site to Google on December 15, 2017 (https://bitcointalk.org/index.php?topic=1935098.msg26379488#msg26379488), and I know other people have reported it too. Google simply ignores it, allows scammers to advertise, and earns from this. Doesn't that make Google responsible for all people who get scammed since the fake site was first reported? They don't seem to care about people getting scammed, as long as they earn from it. the main problem is Google's multi-billion dollar software which rules the internet keeps showing/bombards "google ads" all over the internet. Title: Re: Hackers Stole $50 Million in Cryptocurrency Using 'Poison' Google Ads Post by: brengoskandel on February 16, 2018, 04:43:30 PM one thing I hate most in the internet world is hackers, they abuse their intelligence to harm many parties
they hack the system, steal valuable assets, as well as valuable information that is neatly stored with the intention of pleasure or to gain profit for themselves, and now I feel very anxious when doing transactions, they can come anytime pick up and leave without leaving a trail and without feeling guilty Title: Re: Hackers Stole $50 Million in Cryptocurrency Using 'Poison' Google Ads Post by: DdmrDdmr on February 16, 2018, 04:55:13 PM Google Adds should include a reputation score of some sort. This way the well known companies with legit adds could be identified by us users easily, while scrutinizing the rest.
Also Google should work on shutting down adds that link to scams (i.e. no reputation + x amount of negatives -> shutdown), similarly to how antiviruses do. Title: Re: Hackers Stole $50 Million in Cryptocurrency Using 'Poison' Google Ads Post by: newinbtc on February 16, 2018, 05:05:03 PM how google improve the website without any verification , IF we place an ad with same keyword with high bid that person always win. In this google made money But at least we people must watch the address we are opening that is right or wrong. Most of cases i seen that people search a word and they open first website which google shows and it was an add. Google get paid and That website tell all traffic.
always bookmark the urls u often visit otherwise we will lose our secure funds and always install proper internet security antivirus Title: Re: Hackers Stole $50 Million in Cryptocurrency Using 'Poison' Google Ads Post by: Daveeoff on February 16, 2018, 05:16:36 PM Google need to tighten their security regarding advertising. They cannot let websites like this use Google Adsense...
Title: Re: Hackers Stole $50 Million in Cryptocurrency Using 'Poison' Google Ads Post by: First77 on February 17, 2018, 12:55:13 AM Google need to tighten their security regarding advertising. They cannot let websites like this use Google Adsense... YES, less Google Adsense Title: Re: Hackers Stole $50 Million in Cryptocurrency Using 'Poison' Google Ads Post by: Fakhri1907 on February 17, 2018, 01:13:28 AM Ayay sir, i will bookmark my wallet website from now. Thank you for sharing this information
Title: Re: Hackers Stole $50 Million in Cryptocurrency Using 'Poison' Google Ads Post by: alyssa85 on February 17, 2018, 01:16:46 AM Google made profits from those "poison ads" ?? Yes. Google makes a small profit every time someone clicks an ad.Perhaps report Google to the FTC? I think they regulate online advertising: https://www.ftc.gov/tips-advice/business-center/advertising-and-marketing/online-advertising-and-marketing Title: Re: Hackers Stole $50 Million in Cryptocurrency Using 'Poison' Google Ads Post by: First77 on February 17, 2018, 04:21:46 AM Ayay sir, i will bookmark my wallet website from now. Thank you for sharing this information Direct source/website is good. Use less Google Title: Re: Hackers Stole $50 Million in Cryptocurrency Using 'Poison' Google Ads Post by: krishnaverma on February 17, 2018, 07:08:24 AM Google Adds should include a reputation score of some sort. This way the well known companies with legit adds could be identified by us users easily, while scrutinizing the rest. Also Google should work on shutting down adds that link to scams (i.e. no reputation + x amount of negatives -> shutdown), similarly to how antiviruses do. Google already has very strict mechanisms to detect such ads. As an internet marketer, I have suffered a lot because of their strict policies. They completely ban your Adwords account if they notice any suspicious activity like promoting scams or illegal offers. Sometimes people are able to find loopholes and these are exploited till Google notices and patches them. Title: Re: Hackers Stole $50 Million in Cryptocurrency Using 'Poison' Google Ads Post by: Sevarchik on February 17, 2018, 07:11:55 AM Always hackers find new ways how to fool system, by this reason my recommendation never lost their actuality - Use dedicated laptop for wallet operations
Title: Re: Hackers Stole $50 Million in Cryptocurrency Using 'Poison' Google Ads Post by: Dudeperfect on February 17, 2018, 07:23:29 AM Exactly! if we have shown interest in the bitcoin or blockchain on social media then we are the part of huge ad-bombing taking place on these platforms. Phishing through platforms like FB, Google is still easy to conduct and it is really frustrating. The mass awareness is the only solution I do see when it comes to the issues like this one.
There is a huge power lies in Cryptocurrencies but as Uncle Ben says "With Great Power Comes Great Responsibility". In crypto we are responsible for our actions. Title: Re: Hackers Stole $50 Million in Cryptocurrency Using 'Poison' Google Ads Post by: First77 on February 21, 2018, 03:28:29 PM Always hackers find new ways how to fool system, by this reason my recommendation never lost their actuality - Use dedicated laptop for wallet operations For years, hackers have robbed Bitcoin investors, emptying their cryptocurrency wallets without fear of being caught thanks to the relative anonymity of the blockchain. Now, Cisco (csco, +5.04%) has exposed the thieves behind a string of particularly flagrant attacks. Title: Re: Hackers Stole $50 Million in Cryptocurrency Using 'Poison' Google Ads Post by: spiker777 on May 16, 2018, 11:21:43 PM Google should really have a manual verification process for untrusted ad partners, ensuring that they are not mimicking similar services, or sites that cater for sensitive information. To some degree, I think Google is responsible for the losses incurred by these users. To be honest though, you need to be pretty stupid to be fooled by the old domain switcheroo attack. e.g. www.blockchain.info.xyz could be used instead of the actual domain. Most browsers even highly the domain extension and flag up potentially malicious sites. So these people must be either 1. Woefully ignorant, 2. Not adequately secured, or 3. Both.
It's been so long and yet they still haven't learned. Sorry for necro bump but this really F***ing annoys me. Title: Re: Hackers Stole $50 Million in Cryptocurrency Using 'Poison' Google Ads Post by: CoinHoarder on August 11, 2018, 07:03:24 PM A Ukrainian hacker group dubbed Coinhoarder Just popping in to say that I obviously have nothing to do with this, because I don't know any Ukranians.... Well... as long as you don't count the random Ukranian couple I met while staying at a hostel in Amsterdam, with whom I have not had any contact ever since. 😂 Title: Re: Hackers Stole $50 Million in Cryptocurrency Using 'Poison' Google Ads Post by: nguyenhoven on August 11, 2018, 07:06:30 PM http://fortune.com/2018/02/14/bitcoin-cryptocurrency-blockchain-wallet-hack/ Quote For years, hackers have robbed Bitcoin investors, emptying their cryptocurrency wallets without fear of being caught thanks to the relative anonymity of the blockchain. Now, Cisco (csco, +5.04%) has exposed the thieves behind a string of particularly flagrant attacks. A Ukrainian hacker group dubbed Coinhoarder has stolen more than $50 million in cryptocurrency from users of Blockchain.info, one of the most popular providers of digital currency wallets, according to a report published Wednesday by Cisco’s Talos cybersecurity team. The report explains how thieves preyed upon their victims using a “very simple” yet treacherous technique: Buying Google ads on popular search keywords related to cryptocurrency “to poison user search results” and snatch the contents of crypto wallets. This meant people Googling terms like “blockchain” or “bitcoin wallet,” saw links to malicious websites masquerading as legitimate domains for Blockchain.info wallets. For example, the poison ads included “spoofed” links with small types like “blokchien.info/wallet” and “block-clain.info,” which sent visitors to a landing page that mirrored actual websites of the company Blockchain, which runs both the domains Blockchain.info and blockchain.com. (The legitimate sites appeared lower in results than the “poisoned” links, according to Cisco’s report.) Fooled into believing they had come to the right place, victims then entered private information that allowed the hackers to gain access to their actual wallets and take their digital money. “The attackers needed only to continue purchasing Google AdWords to ensure a steady stream of victims,” the Talos team led by Jeremiah O’Connor and Dave Maynor said in their report. Blockchain, for its part, is working with Google “on a daily basis” to take down phishing ads, and secured the removal of almost 10,000 such malicious websites last year, along with another 3,000 it flagged in January alone, according to Blockchain CEO and co-founder Peter Smith. The solution to this is not using Google to navigate. If you already have an account at blockchain.info or an exchange, BOOKMARK the url and go straight to that instead of googling the exchange name. yeah i noticed the majority of google ads with certain keywords give out the fake phishing links. It's really annoying and dangerous especially for noobs who have no experience. |