Image: NurPhoto / Contributor
hacking. Disinformation. Surveillance. CYBER is a Motherboard podcast that reports on the dark lower abdomen of the Internet.
If you googled “Open Sea” earlier this week Named NFT Marketplace, You may have found something that looks like the site at the top of Google. The result of a paid Google Ads placement turned out to be a phishing site that actually looks like it was designed to steal the victim’s digital wallet.
OpenSea is the most popular peer-to-peer marketplace To buy and sell NFTIt’s probably a juicy target for hackers who want to hijack people’s cryptocurrencies or NFTs to sell for profit. I read “NFT Marketplace with everything for everyone” and its website.
On Wednesday, a motherboard editor searched Google for the phrase “opensea.” The top result was “OpenSea, the largest NFT marketplace.” However, the URL is opensun.io/open and I’ve tweaked the actual URL of the site a bit. Following that link, the visitor was redirected to another site. This time, I used URLwww-opeensea.io to add a subtle “WWW” and an extra “E”.
Screenshots of malicious Google ads. Image: Motherboard.
The site looked much like a real OpenSea site. However, when I clicked on the www-opeensea.io link, I was prompted to link the digital wallet to the visitor, such as the Coinbase wallet. Perhaps the idea here was that a malicious party running this phishing site would try to access and empty the wallet.
Screenshot of phishing site. Image: Motherboard.
After Motherboard contacted both Google and OpenSea on Wednesday, Google stopped showing phishing sites in search results.
The www-opeensea.io domain is registered with a company called NameSilo. Name Silo emailed Motherboard: This domain was not reported before this email. I deleted the domain. The domain was registered on October 18, 2021, and the attack probably launched very recently. “
Do you know about other NFT scams? We look forward to hearing from you. You can securely contact Joseph Cox by emailing +44 20 8133 5190 Signal, josephcox Wickr, or joseph.cox@vice.com using your non-work phone or computer.
OpenSea claimed to have learned about the phishing site the day before.
“OpenSea carefully monitors malicious and spoofed websites and takes immediate action to protect the community when they are detected. Yesterday, we noticed the website in question and immediately various hosts. I’ve reported to the admin and confirmed that the ad has been removed, “an OpenSea spokeswoman told Motherboard in an email.
A Google spokeswoman said in an email to the motherboard: “This behavior directly violates Google’s policy on phishing ads that try to mislead users. We will suspend your account and continue to actively enforce these policies to prevent malicious individuals. increase.”
Last week, a cybersecurity company checkpoint researcher published a blog post. Layout how hackers used Google Ads To operate a phishing site targeting potential users of Phantom and MetaMask wallets. Checkpoint said hackers have generated at least $ 500,000 from this plan.
Subscribe to the Cyber Security Podcast CYBER. here..apply New Twitch channel..
