To conduct the massive phishing operation, criminals purchased Google Adwords posing as online ads for the legitimate and popular blockchain.info Bitcoin wallet website, according to security researchers at Cisco Talos. Thus, when a user searched for crypto-related keywords such as “blockchain” or “bitcoin wallet,” the spoofed links appeared at the top of search results. When clicked, the link would redirect to a “lander” page and serve phishing content in the native language of the geographic region of the victim’s IP address.
The criminals were particularly keen to target individuals in African countries and developing nations where banking facilities may be harder to come by, and – in some cases – local currencies less stable than Bitcoin. However, working with law enforcement agencies in Ukraine, the researchers were able to identify the Bitcoin wallet addresses of the gang and track their activity.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now