Hackers are setting up fake websites for popular free and open-source software to promote malicious downloads through advertisements in Google search results.
At least one prominent user on the cryptocurrency scene has fallen victim to the campaign, claiming it allowed hacker hackers steal all their digital crypto assets along with control over their professional and personal accounts.
Over the weekend, crypto influencer Alex, better known by their online persona NFT God, was hacked after launching a fake executable for the Open Broadcaster Software (OBS) video recording and live streaming software they had downloaded from a Google ad in search results.
“Nothing happened when I clicked the EXE,” Alex wrote in a Twitter thread recounting their experience over the weekend. However, a few hours later friends alerted them that their Twitter account had been hacked.
Unbeknownst to Alex, this was likely an information-stealing malware that stole their saved browser passwords, cookies, Discord tokens, and cryptocurrency wallets and sent them to a remote attacker.
Soon, Alex found that their account at the OpenSea NFT marketplace had also been compromised and a different wallet was listed as the owner of one of their digital assets.