Users Of Blockchain.info Wallets Get Hacked
A group of Ukrainian hackers, who go by the name Coinhoarder, have reportedly stolen over $50 million worth of cryptocurrency from the users of Blockchain.info, a bitcoin wallet and block explorer service. The digital money stolen is part of a series of crypto heists, according to Cisco’s Talos cyber threat intelligence unit. Per Talos’s detailed investigation report, the cybercriminals orchestrated their crypto heists by purchasing Google Ads related to popular keywords used in searches for information regarding cryptocurrencies.
When unsuspecting users tried to Google very common crypto-related topics such as “Bitcoin wallet” or “blockchain”, they were presented with fake website links that appeared to be domains belonging to Blockchain.info wallets. These “spoofed” links, which included “block-clain.info” and “blokchien.info/wallet”, popped up at the top of Google’s search results. If these links were clicked, visitors were directed to web pages that looked similar to the ones found on the real Blockchain.info and blockchain.com domains. Notably, the legitimate websites were found towards the bottom of the search results.
“Massive Phishing Campaign”
Once the naive users landed on these fraudulent websites, they proceeded to enter their private information. This data was then used by the hackers, who created these malicious websites, to log into the users’ actual Blockchain.info wallets and steal their digital currencies. Jeremiah O’Connor and Dave Maynor from Talos stated that “The attackers needed only to continue purchasing Google AdWords to ensure a steady stream of victims”.
By no means is this a recent development. In fact, Cisco and the Ukrainian Cybersecurity unit launched a joint 6-month probe in early 2017 on what the Talos Intelligence website describes as a “massive phishing campaign”. Key findings from their investigation revealed that the “tactics” employed by Coinhoarder have also been used to obtain private information from users of various other cryptocurrency wallets and exchanges.
Preventive Measures Taken Only After Years Of Abuse
Reportedly, these abusive phishing campaigns are part of the reason why Facebook attempted to ban crypto-related advertisements. Now, Google is also trying to prevent these types of malicious Ads from being approved and appearing on its search pages. What’s surprising is why these preventive measures were not implemented much earlier, especially when you consider Coinhoarder’s crypto heists have been occurring since the past three years.
Internet giants like Google and Facebook have been criticized for not taking quick action to stop other types of damaging activity as well. On many occasions, their responses have come only after most of the harm has already been done. For instance, it was widely reported that the 2016 U.S. presidential election was tipped in favor of current American president Donald J. Trump through Facebook Ads paid for in Russian currency (rubles).
Harmful Effects Of Fake Information
Meanwhile, on a much less serious level, American media personality and businessman Lavar Ball temporarily showed up on google searches for NBA founder. Anyone even remotely familiar with basketball knows that LaVar Ball is certainly not the founder of the NBA. Although this particular Google glitch isn’t as concerning as the “phishing campaigns” or Facebook Ads allegedly manipulating presidential elections, it does illustrate how fake or misleading information can be disseminated so easily.
Clearly, the consequences of a large number people being led to believe something which isn’t true can be quite serious. Therefore, highly influential internet companies and services should be much more dedicated towards safeguarding the privacy and security of their users. Not preserving the integrity of a user’s private information can ultimately be detrimental to their overall wellbeing.