Google may be promoting fraudulent crypto sites

Changpeng Zhao, who is the CEO of Binance, said that cryptocurrency enthusiasts should be extremely careful when working with the Google search service. The latter, despite its clear anti-scam stance in the cryptocurrency industry, can still give out crypto-related sites in the results, the competence of which is highly questionable.

These are full of phishing and scam websites that collect data to further hack, deceive or steal funds from their victims. The reason for the breach in protection can be attributed to the fact that scammers have learned to bypass the strict policy of the Google AdSense advertising service. Some of them do it so skillfully that fraudulent sites give out in the issuance of Google requests higher than real crypto exchanges and other quite legitimate crypto sites.

Yesterday, Changpeng Zhao warned on his Twitter account that users of crypto exchanges should be especially careful when searching for “CoinMarketCap”. If you enter the title of the main aggregator of the state of the cryptocurrency market, then an advertisement of phishing sites with the corresponding “Advertising” tag will be displayed in front of it. It is worth paying special attention to this.

Inexperienced users may not notice that they have landed on the wrong site, as their addresses are similar enough to deceive inexperienced users. For example, instead of “coinmarketcap” it might say “coinmarketcaap” or “coinomarketcap”.

Zhao said that Binance is already trying to contact Google representatives to rectify the situation, but while they do not answer, the largest exchange insists on social networks that users do not let themselves be deceived.

CoinMarketCap is especially sought after by fans of creating phishing sites, as this cryptocurrency market data aggregator is one of the most used, if not the most used. Thus, scammers often catch inexperienced users in the wrong moments, and Binance tries to deal with this as best they can. The largest crypto exchange has a high interest in the reputation of CoinMarketCap, as they acquired this aggregator in April 2020 and do not want a lot of traffic to go to fraudulent advertising.

In April 2022, SlowMist, a blockchain security company, was able to uncover a phishing scam that is linked to Terra (LENC). The attackers used Google Ads to promote copycat sites using the Achor protocol with the Astroport branding. Just like with CoinMarketCap, the scam sites promoted did so well that they outpaced the Terra (LUNC) site. Between April 12th and 21st, attackers managed to steal $4,310,000~ worth of LUNC coins from 52 addresses.

Cryptocurrency fraud is a fairly common phenomenon. It is so vast that scam projects on the network prevail with colossal force over those projects that really bring some benefit to the community. Someone uses phishing sites and promotion through Google Ads to achieve their goals, someone creates DiFi platforms where they allow users to farm their crypto through farming with a liquidity pool, after which they steal money. Someone even creates large-scale projects that gain a large audience, after which they steal money, attributing everything to hacking and failure.

The cybersecurity research arm of CheckPoint published a report last November stating that scammers had stolen more than $500,000 through phishing sites and promoted them through Google Ads. Then the attackers imitated the providers of cryptocurrency wallets MetaMask and Phantom.