A Google sponsored ad claiming to promote Sony’s blockchain project Soneium has been exposed as a crypto wallet drain.
This incident adds to the growing threat of wallet drains that have plagued the crypto space.
Google ad scam targets Soneium users
In a post shared on October 22 via X by blockchain security firm Scam Sniffer, the company detailed how a Google search for “Soneium” led users to a phishing site. It appeared to be a legitimate page for Sony’s blockchain platform, which contained hidden software intended to drain crypto wallets from unsuspecting visitors.
Scam Sniffer explained that the ad linked to a website with a nearly identical domain name to Soneium’s official website. The phishing page appeared to be an unfinished landing page for a UK-based radiology service, giving it a deceptively professional appearance.
A separate post highlighted how easily users could fall victim to this scam, especially if they mistakenly typed “Someium” instead of “Soneium” in their search.
The security firm also noted that criminals used sophisticated techniques to bypass Google’s security measures. This allowed the ad to go undetected for a while.
Soneium is an Ethereum layer 2 blockchain developed by Sony Block Solutions Labs, a collaboration between Sony and blockchain firm Startale Labs. The platform launched its testnet in August 2024.
The wider threat of draining wallets
This latest incident adds to a growing list of crypto-related phishing attacks. Scam Sniffer previously reported that more than $46 million in cryptocurrency was stolen from 10,800 phishing victims in September alone.
During the third quarter of 2024, more than $127 million in digital assets were stolen in these incidents, and Ether wallets are a frequent target. In late April 2024, security firm Web3 also revealed that more than $4 million had been stolen in a few weeks through similar malicious websites promoted through Google Search.
Thieves took advantage of slight changes in domain names to trick users into visiting fraudulent crypto websites, with significant financial consequences for many.
In September, a separate crypto hoax affected Google Play Store users. A fraudulent app called WalletConnect mimicked the legitimate WalletConnect protocol, but was designed to deplete users’ crypto wallets. This app managed to scam more than 10,000 people and stole $70,000 from users before it was discovered.
Crypto wallet drain programs have been a persistent threat in the crypto space. A Scam Sniffer report from late 2023 showed that these malicious tools were responsible for more than $295 million in losses affecting around 324,000 victims that year.
SPECIAL OFFER (Sponsored) Binance Free $600 (Exclusive to CryptoPotato): Use this link to register a new account and receive an exclusive welcome offer of $600 to Binance (full details).
2024 LIMITED OFFER on BYDFi Exchange – Up to $2888 Welcome Reward, Use this link to register and open a 100 USDT-M position for free!