Phishing with Google ads: Ukrainian hackers defraud Africans of $50 million

Why are giants such as Google and Facebook banning digital-currency advertising? Because such advertising is difficult to regulate and moves too quickly to manage.

On March 13, Google announced that it would ban advertising of high-risk financial products, "including ICOs, cryptocurrency trading, wallets and trading advice." Facebook had previously banned advertising of related financial products.


Behind the internet giants' successive bans on advertising for blockchain token products lies a growing security risk: phishing cases built on precisely targeted Internet advertising have caused hundreds of millions of dollars in losses to users around the world.


In February 2018, Cisco's security team Talos revealed that over the past year, in cooperation with the Ukrainian police, it had broken up a Ukraine-based hacking group (a digital gang).

(Senior Security Fellow Matt Watchinski leads Talos)


According to information released by the Ukrainian police, the hacker group is called CoinHoarder (roughly "Tuen Coin" in Chinese; the Chinese name is used below). The Tuen Coin gang set up hundreds of websites imitating the well-known Bitcoin wallet site Blockchain.info and bought advertising on Google to steer Internet users who wanted to trade Bitcoin to the fake phishing sites. Victims were tricked into logging in to the fake sites, which captured their accounts, passwords, private keys and other personal information; the digital assets in their wallets were then transferred away without their knowledge.

(Ukrainian Network Police)


To avoid attracting netizens' attention, the Tuen Coin gang used Google's "precision ad options" when placing its ads, so most of the phishing ads were shown to Internet users with African IP addresses whose native language is not English and who are less wary of slight differences in English-language website addresses.


In addition to subtle differences between English letters, the hacking group also used the "Unicode URL phishing" technique. Simply put, because mainstream browsers support URL entry in multiple languages, hackers use similar-looking letters from different languages to build phishing URLs in English, Cyrillic, Chinese Pinyin, and Tibetan alphabets.
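The look-alike URLs described above can be caught by a defensive check on the hostname. The following Python is an added example, not code from the original article or from Talos; the protected-domain list, the partial look-alike table and the function names are assumptions made for illustration.

```python
import unicodedata
from urllib.parse import urlsplit

# Assumption: the one domain being protected, taken from the article.
PROTECTED = {"blockchain.info"}

# Constructed, partial look-alike table (Cyrillic/Greek -> Latin); the full
# Unicode confusables data is far larger.
CONFUSABLES = str.maketrans({
    "\u0430": "a", "\u0441": "c", "\u0435": "e", "\u043e": "o",
    "\u0440": "p", "\u0445": "x", "\u0443": "y", "\u0456": "i",
    "\u0458": "j", "\u0455": "s", "\u04cf": "l", "\u03bf": "o",
})

def decode_host(url):
    """Hostname in Unicode form, with xn-- (punycode) labels decoded."""
    host = (urlsplit(url).hostname or "").rstrip(".")
    labels = []
    for label in host.split("."):
        if label.startswith("xn--"):
            try:
                label = label[4:].encode("ascii").decode("punycode")
            except UnicodeError:
                pass  # keep an undecodable label as it is
        labels.append(label)
    return ".".join(labels)

def scripts(label):
    """Scripts used by a label's letters (first word of each Unicode name)."""
    return {unicodedata.name(ch, "UNKNOWN").split()[0]
            for ch in label if ch.isalpha()}

def check_url(url):
    """Findings for one URL; an empty list means nothing suspicious."""
    host = decode_host(url)
    findings = []
    for label in host.split("."):
        used = scripts(label)
        if len(used) > 1:
            findings.append(f"mixed scripts in {label!r}: {sorted(used)}")
    skeleton = host.translate(CONFUSABLES)
    if skeleton != host and skeleton in PROTECTED:
        findings.append(f"look-alike of {skeleton}")
    return findings

if __name__ == "__main__":
    # Constructed samples: genuine host, Cyrillic "o" look-alike, same in punycode.
    fake = "bl\u043eckchain"
    puny = "xn--" + fake.encode("punycode").decode("ascii")
    for u in ("https://blockchain.info/wallet", f"https://{fake}.info/wallet",
              f"https://{puny}.info/wallet"):
        print(u, "->", check_url(u) or "ok")
```

A single-script internationalized domain that does not resemble a protected name produces no findings, so legitimate non-English domains are not flagged.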


Hatch has analyzed the "Binance phishing incident" in detail: using 31 pre-controlled accounts, hackers obtained about 10,000 bitcoins (although they could not withdraw them afterwards), and I explained in detail in that article what "Unicode URL phishing" is. The same technique was used in the Ukrainian hacking case.


Police confirm that the Tuen Coin gang, using Google precision ads plus phishing sites, easily obtained various digital currencies worth US$50 million over three years. The victims were mostly African netizens.

(Nii Narku Quaynor, "Father of the Internet in Africa") 

Blackchi checked the domestic search engines and found that Baidu, Sogou and other companies do not display Bitcoin-related advertising. According to insiders, digital currency is illegal in the country, so the relevant ads cannot be displayed through domestic search engines, which greatly reduces the probability of domestic users encountering this kind of search-engine phishing.


Some technical experts said that search-engine advertising is a special type of advertising that is somewhat difficult to regulate, and that once regulation becomes lax it brings huge security risks to users.


Recently, a news client was exposed by CCTV for "two-hop" fake ads, which also validates this argument in a sense. That is why online giants such as Google and Facebook are also banning certain high-risk types of advertising.


For netizens who are still trading in digital currencies, experts recommend:


1. Do not click on exchange URLs found in emails, chat tools, or search engines; these can easily be forged.


2. Download digital wallets and other trading tools only from the official website. Installation files from mobile app stores, QQ groups and WeChat groups are easy to fake. After downloading, you can compare hashes if necessary.


3. Install a more secure browser. Hechis recommends using "scientific Internet access" and installing the Chrome browser. (Browsers downloaded domestically often cannot be upgraded online, which can be a major security risk.)

Author: Sima Ziyu
