Security News > 2023 > December > Crypto drainer steals $59 million from 63k people in Twitter ad push
Google and Twitter ads are promoting sites containing a cryptocurrency drainer named 'MS Drainer' that has already stolen $59 million from 63,210 victims over the past nine months.
According to blockchain data on MS Drainer's activity, one of its Ethereum-chain victims lost $24 million worth of cryptocurrency, while other notable cases involve victims losing between $440,000 and $1.2 million.
In Google Search, MS Drainer is promoted via malicious ads that are shown for keywords related to DeFi platforms like Zapper, Lido, Stargate, Defillama, Orbiter Finance, and Radiant.
On X, better known as Twitter, advertisements for MS Drainer are so abundant that ScamSniffer reports they account for six out of nine phishing ads on their feed.
Notably, many of the scam ads on X are posted from legitimate "Verified" accounts that carried the blue tick badge when the ad was shown.
Security researcher MalwareHunterTeam, who has been tracking similar ads, told BleepingComputer they believe the Twitter account holders may have been infected with malware that stole their authentication cookies or passwords, allowing the threat actors to create advertisements from the hacked accounts.