YouTube Accidentally Runs Malicious Ad for Electrum Bitcoin Wallet
Viewers interested in the ad were redirected to a malicious link using a common scamming method named typosquatting or URL hijacking. In the Reddit post, a user named mrsxeplatypus cautioned the public about the promotion of a malware version of Electrum, and explained how the scam advertisement worked:
“The malicious ad is disguised to look like a real Electrum advertisement. It also tells you to go to the correct link (electrum.org) in the video however when you click on the advertisement it instantly starts downloading the malicious EXE file. As you can see in the image, the URL it sent me to is elecktrum.org, not electrum.org.”
In February, users of digital currency wallets Electrum and MyEtherWallet told that they were facing phishing attacks. One user on Reddit found that a phishing scam trying to steal sensitive information from Electrum users was posing as a security update.
Redditor exa61 then shared a picture of a system message, purportedly from Electrum wallet, requiring a security update to Electrum 4.0.0, while the newest version of the wallet was Electrum 3.3.3 at the time.
Prior in March, a Google Chrome browser extension named NoCoin duped users into participating in a fake airdrop from digital currency exchange Huobi, asserting over 230 victims. Hackers had deliberately disguised the malicious extension to look like a tool protecting users from digital currency malware or so-called crypto jacking.