YouTube Reportedly Runs Malicious Ad for Bitcoin Wallet Electrum by Accident

Published at: March 26, 2019

Video-sharing platform YouTube purportedly ran a malicious advertisement for Bitcoin (BTC) wallet Electrum by mistake, according to a Reddit post published on March 26.

Viewers interested in the advertisement were redirected to a malicious link using a common scamming method called typosquatting or URL hijacking. In the Reddit post, a user named mrsxeplatypus warned the public about the promotion of a malware version of Electrum, and described how the scam ad worked:

“The malicious advertisement is disguised to look like a real Electrum advertisement [...] It even tells you to go to the correct link (electrum.org) in the video but when you click on the advertisement it immediately starts downloading the malicious EXE file. As you can see in the image, the URL it sent me to is elecktrum.org, not electrum.org.”

Technology-focused news site The Next Web reported that Google, which owns YouTube, has since taken appropriate actions against the advertisement.

In February, users of cryptocurrency wallets Electrum and MyEtherWallet reported that they were facing phishing attacks. One user on Reddit found that a phishing scam attempting to steal sensitive data from Electrum customers was posing as a security update.

Redditor exa61 then posted a picture of a system message, allegedly from Electrum wallet, requiring a security update to Electrum 4.0.0, while the latest version of the wallet was Electrum 3.3.3 at the time.

Earlier in March, a Google Chrome browser extension dubbed NoCoin tricked users into participating in a fake airdrop from cryptocurrency exchange Huobi, claiming over 230 victims. Hackers had purposely disguised the malicious extension to look like a tool protecting users from cryptocurrency malware or so-called cryptojacking.

Tags
Related Posts
Apple co-founder Steve Wozniak loses Bitcoin scam case against YouTube
A recent court ruling said that video hosting giant YouTube is not responsible for cryptocurrency-related scams posted on its platform. Apple co-founder Steve Wozniak failed to support his lawsuit against YouTube over an advert using his image to promote a fake Bitcoin (BTC) giveaway, Bloomberg reports. Santa Clara County Superior Court Judge Sunil Kulkarnia said in a tentative ruling Wednesday that YouTube and its parent firm Google are protected by Section 230 of the Communications Decency Act — a federal law shielding internet platforms from responsibility for content posted by users. Wozniak sued YouTube in July last year over a …
Bitcoin / June 3, 2021
Google Keeps Promoting Crypto Scams Despite Strict Crypto Policies
While Google’s subsidiary, YouTube, is facing a lawsuit for promoting cryptocurrency scams, Google’s advertising platform continues to display fraudulent crypto ads through its advertising network. According to a report by Bitcoin (BTC) crypto exchange, CoinCorner, Google Ads was running an ad for CoinCorner’s phishing clone website, CoinCornerr.com. The issue was reported by CoinCorner’s marketing manager, Molly Spiers, on April 30. Google Ads promotes a crypto scam but doesn’t want to promote a real firm Spiers told Cointelegraph that CoinCorner’s team first noticed the fraudulent ad on Thursday morning after searching for “CoinCorner” on Google.com and Google.co.uk. According to the executive, …
Bitcoin / April 30, 2020
‘Free Bitcoin’ Scam Propagated on YouTube Steals Crypto via Clipboard Hijacking
The Qulab information-stealing and clipboard hijacker trojan is being propagated on YouTube via fraudulent videos about an allegedly free bitcoin (BTC) generator, BleepingComputer reports on May 29. According to the report, security researcher Frost reached out to BleepingComputer about the trojan scam, saying that YouTube would take down the fraudulent videos when reported, but new accounts and videos would subsequently pop up with the same MO. The videos reportedly describe a tool that lets users earn free bitcoin, with a link in the video description. The links then direct to a download for the alleged tool, which is the Qulab …
Bitcoin / May 29, 2019
YouTube channels hacked and rebranded for live-streaming crypto scams
A new report shared by Google’s Threat Analysis Group (TAG) highlights an ongoing phishing campaign against YouTube creators, typically resulting in the compromise and sale of channels for broadcasting cryptocurrency scams. The TAG attributes the attacks to a group of hackers recruited in a Russian-speaking forum that hacks the creator’s channel by offering fake collaboration opportunities. Once hijacked, the YouTube channels are either sold to the highest bidder or used to broadcast cryptocurrency scams: “A large number of hijacked channels were rebranded for cryptocurrency scam live-streaming. On account-trading markets, hijacked channels ranged from $3 USD to $4,000 USD depending on …
Bitcoin / Oct. 24, 2021
Fraudulent Site Impersonates Encrypted Messaging Service to Steal Bitcoins
Cybercriminals have reportedly created a fake site version of the legitimate encrypted self-destructing notes service privnote.com. The fake version can be shared with other users to steal Bitcoin. According to a June 14 report from KrebsOnSecurity, the creators of the encrypted notes service complained about a fake clone site, privnotes.com, whose scam scheme consists of the following: “Any messages containing Bitcoin addresses will be automatically altered to include a different Bitcoin address, as long as the Internet addresses of the sender and receiver of the message are not the same.” Privnote.com said in the report that the phishing site does …
Bitcoin / June 15, 2020