Cisco released new info about Bitcoin phishing scam, Stolen over 50 million dollars
Cisco security researchers released new and important information regarding the bitcoin phishing scam. This involves websites masquerading as Blockchain.info, the well known online wallet service.
Dave Maynor, as well as Jeremiah O’Connor, illustrated about the Coinhoarder phishing scam in a blog post. This blog post was published on Wednesday in which they supposed that Cisco for prior six months in investigating regarding the scam along with the Ukrainian Cyberpolice. They supposed that people who are behind this scam had netted about 50 million dollars in crypto currency in more than three year period.
They wrote that ‘ the campaign was very straightforward and after preliminary setup, the attackers required just to carry on purchasing Google AdWords to guarantee steady steam, of victims. According to their statement, this crusade aimed specifically some geographical regions. It also permitted the attackers to mass millions in profits all through the theft of crypto currency as of victims. According to them, this campaign shows how profitable these sorts of malevolent attacks can be for cyber criminals.’
As that blog shows up those who are behind the attack would create similar websites as Block chains however with the different names. These names can be like block clain.info or else blockchein.info. And this slight change would not be noticed by the user at any cost. after that, they’ leveraged Google Adwords to toxic user search results to whip users bitcoin wallets.’ And by this means directing more traffic to those pages.
In 2015 Cisco traces the group activity and also estimated that about ten million dollars in crypto currency had been stolen in that year. They also indicated that about 50 million dollars had been stole till date which comprises about 2 million dollars in less than four weeks in a prior year.
Cisco also observed that this group not only abuse Google Adwords to increase traffic but also evolve to make their sites appear more legitimate. As they started observing their steps, they found that these groups also initiated to use SSL certificates which were issued by Cloudfalre as well as Let’s Encrypt.
After all this investigation the firm concluded that ‘ what is now apparent from the COINHOARDER campaign that crypto currency phishing all the way through Google Adwords is a worthwhile attack on users globally’.
These attacks are actually unattainable to spot out with a human eye, particularly when delivered on a mobile podium.
Image source: shutterstock