Crypto users of the Terra (LUNA) network and its various DeFi protocols, such as Anchor, Nexus, and Astroport, have become the target of a new phishing attack using bogus Google ads.
Slowmist’s team identified and highlighted the phishing attack, as well as explaining that numerous Terra users lost close to $4.31 million in assets between the 12th and 21st of this month. Furthermore, the monies were transferred from 52 distinct transactions to a single address.
The malicious Terra advertisements appear to be legitimate Google advertisements.
SlowMist’s team investigated the phishing assault and discovered that it is the result of Google advertising that appear at the top of searches for Terra, Anchor Protocol, or Astroport Finance. To further demonstrate their findings, the SlowMist team released the screenshot below.
Fake Google Ads Will Instruct You to Connect to Your Terra Wallet
According to the Slowmist team, the Google ads feature links that appear to be normal. When clicked, however, they go to a another domain that encourages visitors to connect their Terra wallets. The following is how they described the sequence of events:
These may look like normal ads and some even show the same domain names, but once you click on the link, the domain name actually changes. When clicked, it’ll prompt you to connect your wallet, however instead of connecting, users are asked to input their seed phrase.