Security researchers at Cisco Systems, Inc. (NASDAQ:CSCO) have issued new updates related to a bitcoin phishing scam that highlights online platforms masquerading as Blockchain.info. More recently, Jeremiah O’Connor and Dave Maynor explained about the Coinhoarder phishing scam.
The company has been investigating this scam since last six months in association with the Ukrainian Cyberpolice. As per the posted blog, those behind the phishing scam had acquired $50 million in cryptocurrency over a 3-year period. Crypto assets have shown to be a new, treasured financial commodity targeted by different degrees of cyber criminals.
Cisco Systems reported that the campaign was extremely simple and after preliminary setup the attackers required only to continue buying Google AdWords to ensure a stable stream of victims. This campaign targeted certain geographic regions and enabled the attackers to collect millions in revenue via the cryptocurrency theft from victims. This campaign showcases just how lucrative these types of harmful attacks can prove for cybercriminals.
As per the posted blog, those behind the phishing attack would design websites similar to Blockchain with different domain names like “blockchien.info” and “block-clain.info”. These online platforms often went unnoticed by the casual users. The attackers then leveraged Google Adwords to impact user search results in attempt to steal users’ wallets,” hence directing more traffic to the false pages.
Cisco stated that these activities started inas early as 2015 and projected that a large amount of sum in cryptocurrency had been taken since that year. As per the blog, funds of around $50 million had been taken, including funds of $2 million in just four weeks during one period in 2017.The firm added that it is evident from the COINHOARDER campaign is that phishing of cryptocurrency via Google Adwords is a rewarding attack on users globally. Last year, phishers developed their tactics by using new attack vectors combined with the use of rogue SSL certificates and IDNs to enhance their probability of success.