An NFT influencer is reeling after his crypto wallet was drained after he clicked on a Google Ad containing malware. The influencer notes that he was trying to download video streaming software. Instead of going for the organic result, he opted for the Google Ad link, thinking it was the same thing. What he didn’t know is that the ad had malware which led to the loss of his entire crypto portfolio.
The Twitter influencer who goes by the name ‘NFT God’ made the revelation through a series of tweets on Sunday.
He goes on to add that he tried to download OBS, an open-source video streaming software. Instead of clicking on the organic result, he clicked on its advertised version and proceeded to install it. It took him hours to notice the compromise.
The influencer, whose real name is Alex, notes that it wasn’t until he saw a few phishing tweets from two other Twitter accounts under him that he realized something was wrong.
The attackers also breached his Substack account and sent phishing emails to his 16,000 subscribers. Phishing attacks are prevalent in the NFT space – here are some tips to help see them coming.
What did the NFT Influencer Lose in the Google Ad Scam?
In total, the influencer lost at least 19 ETH, worth almost $30,000 at the time. Also, the scammer took multiple NFTs from his wallet, including a Mutant Ape Yacht Club NFT with a current floor price of $25,000.
Blockchain data shows that the attackers moved the ETH through multiple wallets. The scammer then transferred it to the FixedFloat DEX and exchanged it for unidentified cryptocurrencies.
According to Alex, his grievous mistake was setting his hardware wallet as a hot wallet. This allowed the hackers to gain access to the NFTs and crypto holdings.
Alex’s case is the latest in a growing trend of Google Ads being used to target unsuspecting users. On January 12, Cyble, a cybersecurity firm, warned of “Rhadamanthys Stealer,“ an information-stealing malware. It’s spreading through Google Ads on “highly convincing phishing webpages.”