User alias meUp_meQuit lost 900,000 USDC due to malicious advertising of the Celer Bridge cross-chain protocol in Google Ads. He gave permission to the project, after which his wallet was emptied.
The link to the fake bridge site was in a paid AdWords ad block. Scam Sniffer project experts drew attention to the fact that the abbreviated address and design of the web portal completely coincided with the original.
The fact that this is a fake could only be noticed when going directly to the site, where the user was immediately asked for permission to connect the account:
and if you don’t look carefully opened it and connect it to your wallet,
it will launch a malicious signature like the Permit to steal your precious asset’s approval. pic.twitter.com/U7ZFByBwYx
— Scam Sniffer (@realScamSniffer) August 22, 2023
In this case, the portal blocks the transition directly from the address bar. Scam Sniffer called this one of the tricks, how attackers bypass resource verification before placing ads.
According to meUp_meQuit, the hacker transferred USDC to ETH on the KuCoin exchange. He contacted the platform administration, but never received a response.
The affected trader also noted KuCoin’s initiative to tighten KYC requirements. He thinks this is the right move, but meUp_meQuit also urged platforms to expand their security measures to counter phishing as well.
This is not the first such case related to Google Ads. In January 2023, a user lost $50,000 after downloading the OBS app, presumably from the official resource. It turned out to be a phishing site.
Source: Cryptocurrency
I am an experienced journalist and writer with a career in the news industry. My focus is on covering Top News stories for World Stock Market, where I provide comprehensive analysis and commentary on markets around the world. I have expertise in writing both long-form articles and shorter pieces that deliver timely, relevant updates to readers.
