Users of Terra (LUNA) Network Lose $4.31M in Phishing Attack Through Fake Google Ads 14
News

Users of Terra (LUNA) Network Lose $4.31M in Phishing Attack Through Fake Google Ads

Avatar photoBy John P. Njuion

Quick take:

  • Users of the Terra network and its numerous DeFi platforms have been the target of a phishing attack being perpetrated using fake Google ads
  • The malicious ads are the first thing that pops up when users do a Google search on ‘Terra’
  • Over $4.31 million has been lost in the phishing attack
  • The funds were lost between April 12th and the 21st and transferred to a single address from 52 different transactions

Crypto users of the Terra (LUNA) network and its numerous DeFi protocols such as Anchor, Nexus, and Astroport, have become the target of a new phishing attack perpetrated using fake Google ads.

The phishing attack was identified and highlighted by the team at Slowmist, who also explained that numerous users of Terra lost close to $4.31 million in assets between the 12th and 21st of this month. Furthermore, the funds were transferred to a single address from 52 different transactions.

The Malicious Terra Ads Look like Legitimate Google Ads

The team at SlowMist has analyzed the phishing attack and concluded that it stems from Google ads that pop up at the top of searches by users looking to find Terra, Anchor Protocol or Astroport Finance. The SlowMist team shared the following screenshot to further demonstrate their findings.

Users of Terra (LUNA) Network Lose $4.31M in Phishing Attack Through Fake Google Ads 15
Terra phishing attack through Google ads. Source, SlowMist on Twitter
Users of Terra (LUNA) Network Lose $4.31M in Phishing Attack Through Fake Google Ads 16
Terra phishing attack through Google ads. Source, SlowMist on Twitter

The Fake Google Ads Will Prompt You to Connect to Your Terra Wallet

According to the team at Slowmist, the Google ads have links that look very normal. However, they redirect to a different domain that prompts users to connect their Terra wallets once clicked. They explained the sequence of events as follows:

These may look like normal ads and some even show the same domain names, but once you click on the link, the domain name actually changes. When clicked, it’ll prompt you to connect your wallet, however instead of connecting, users are asked to input their seed phrase.

The team at SlowMist recommends that users on Terra be extra cautious and avoid clicking on questionable links with questionable origins.

Avatar photo
John P. Njui
John is a journalist and writer with a vast crypto and blockchain industry background. He has been passionately writing and creating crypto content since 2017. When not immersed in the complex world of decentralized finance, John is often seen playing a chess game or running a marathon. He is a man of many talents.