Ukrainian hacker group Coinhoarder has been revealed as the agents behind a massive spoofing of the Google ads system that resulted in the group being able to steal more than $50 million in cryptocurrency from an undisclosed number of victims. Tech giant Cisco cooperated with Ukrainian authorities in an investigation spanning six months before finally being able to confirm the identity of the hackers. The group used Google’s AdWords platform to run ads on search terms related to cryptocurrency, such as “blockchain” and “bitcoin.” When users clicked on the ads, they were taken to a fake landing page that mimicked popular wallet site Blockchain.info. Once hackers had users’ information in hand, they were able to empty out their cryptocurrency wallets with no issue.
While Coinhoarder has been found out and done away with, Cisco reported that the group’s tactic has since been copied, and users involved with cryptocurrency will need to exercise extra caution when handling their wallets. The world of cryptocurrency can still largely be considered to be an untamed part of the internet. While that affords cryptocurrency users a measure of privacy and autonomy, it means that security is a bit more lax, and authorities may have a harder time helping out when things like this happen. All of the usual rules of the web need to be followed, along with some extra caution. Users should always double check the URL of any page that they enter personal information into, and if they’re using a browser that gives them security alerts, such as Chrome, they should think twice before ignoring or bypassing such alerts to interact with a page.