March 27, 2019 | AtoZ Markets - Number-one video sharing platform on the internet, YouTube, has been recently unintentionally running a malicious advertisement for Bitcoin (BTC) wallet Electrum, as news reports unveiled.
The advertisement referred to has a characteristic that redirects the viewers who clicked on it to link that is known of using a popular scamming method called “typosquatting”.
The latter, also known as URL hijacking, is identified by the IT security giant McAfee as “a form of cybersquatting (sitting on sites under someone else’s brand or copyright) that targets Internet users who incorrectly type a website address into their web browser (e.g., “Gooogle.com” instead of “Google.com”). When users make such a typographical error, they may be led to an alternative website owned by a hacker that is usually designed for malicious purposes.”.
The issue was brought to light a few days ago, when a Reddit user posted, notifying the community about a fraud website that impersonates the website “Electrum.org”, saying:
“The malicious advertisement is disguised to look like a real Electrum advertisement [...] It even tells you to go to the correct link (electrum.org) in the video but when you click on the advertisement it immediately starts downloading the malicious EXE file. As you can see in the image, the URL it sent me to is elecktrum.org, not electrum.org.”, said the Redditor who carries the username “mrsxeplatypus”.
YouTube adopted a more aggressive policy regarding ads
Against the background of the incident and the controversy it stirred, Google-owned YouTube started to take tougher precautions against the advertisement, according to The Next Web.
In a similar context, last February witnessed cryptocurrency users from Wallet Electrum and MyEtherWallet reporting that they had been facing “phishing attacks”.
The attack referred to was coated with a legitimate look, posing as a security update to download and install, as a Reddit user reported then.
The malicious file popped a message, in which it appeared to belong to Electrum wallet, asking the users to update Electrum 4.0.0, whereas the latest version of the clean software was version number 3.3.3 only, at the time.
Likewise, Google Chrome underwent a predicament, in which the browser had one of its extensions that was named NoCoin trick the users into taking part in what is so called a “fake airdrop” from Huobi- the famous cryptocurrency exchange.
The victims’ toll at the time exceeded the 230 line, after they fell in the hackers’ trap, who disguised their malicious extention tool in the dress of a crypto anti-malware while in fact it was a hijackware.