Blockchain security experts have discovered a new scam that involves the use of malicious Google ads to deceive cryptocurrency users and lead them to a counterfeit Pudgy Penguins website.
According to analysts from blockchain security firm Scam Sniffer, this scam specifically targets crypto users, and it appears that malicious actors are taking advantage of Google’s ad network to publish harmful ads.
In a recent thread, the analysts explained that these malicious ads contain suspicious JavaScript code that checks whether the viewer possesses a cryptocurrency wallet. If a wallet is detected, the code redirects the user to a fake website that imitates the legitimate Pudgy Penguins website. Pudgy Penguins is a collection of 8,888 unique non-fungible tokens featuring adorable cartoon penguins.
Once users are redirected to the counterfeit website, scammers have the opportunity to steal personal information or entice victims into connecting their wallets, which grants unauthorized access to withdraw funds.
Although the current focus of this scam is Pudgy Penguins users, Scam Sniffer has warned that this method could easily be adapted to target other cryptocurrency projects. In order to protect themselves, the security experts advise crypto investors to be vigilant and carefully examine website URLs to avoid falling victim to similar scams. They also recommend using ad blockers, considering the use of a separate browser for web3 activities, and double-checking URLs before connecting a wallet.
This latest scam is part of a larger trend where malicious actors exploit Google Ads to deceive cryptocurrency users. In one instance, scammers replicated the Revoke Cash recovery service by employing fraudulent ads that redirected users to a fake website designed to steal their funds. In another case, Google Ads were utilized to promote a counterfeit version of the Whales Market crypto platform, redirecting users to a fraudulent site where their wallets were compromised.