A recent report from Scam Sniffer, an anti-scam platform used by several Web3 wallets, has revealed that a certain malware type has managed to siphon over $58 million from cryptocurrency holders. The tool, called MS Wallet Drainer, attacks the cryptocurrency wallets (Ethereum, BNB, and other EVM chains and rollups) of victims using Google and X ads to infect their devices and drain them of any available funds and non-fungible tokens (NFTs).

The malware is distributed using the search results of Google searches for popular cryptocurrency sites and decentralized finance exchanges, such as Zapper, Lido, Stargate, Defillama, Orbiter Finance, and Radiant. The same malware was also detected in a series of Ordinals-related X ads, and a recent sampling of X ads on some feeds resulted in more than 60% of the ads leading to sites using the MS Drainer.

The report highlights that these ads use several techniques to obfuscate their purposes and pass advertising audits. For example, they only target certain regions and use redirection to bypass revisions.

One of the victims lost over $24 million in an Ethereum wallet, while another lost over $1 million in Ethereum assets. An investigation revealed that the tool is available in darknet forums with a price of $1,500 for a standard functionality set. While other similar malware tools are fully managed and charge a 20% fee, this one only charges for modules that add additional functionality to the standard package.

免责声明：本文章仅代表作者个人观点，不代表本平台的立场和观点。本文章仅供信息分享，不构成对任何人的任何投资建议。用户与作者之间的任何争议，与本平台无关。如网页中刊载的文章或图片涉及侵权，请提供相关的权利证明和身份证明发送邮件到support@aicoin.com，本平台相关工作人员将会进行核查。