Over $127 Million in Crypto Stolen: Google Ad Scam Targets Sony’s Soneium Blockchain Users

Scam Sniffer explains how a simple search for “Soneium” leads users to a phishing site that looks like an unfinished landing page for a UK-based radiology service. The site has a malicious wallet drainer ready to drain wallets once you connect. “It’s easy to get phished when you’re not paying attention, especially if you typo “Soneium” as “Someium”” Scam Sniffer warns.

MISSPELLING SONEIUM ON GOOGLE COULD DRAIN YOUR WALLET!

So, Scam Sniffer just dropped a warning about a sneaky crypto-draining scam lurking in Google ads.

If you accidentally search for "someium" instead of Sony's Soneium, you might land on a phishing site designed to snag your… pic.twitter.com/zci35bnN79

— IBC Group Official (@ibcgroupio) October 22, 2024

The attackers used advanced methods to evade Google’s detection and the ad remained live without being flagged. This is another example of crypto wallet drainers targeting users through ads on popular platforms.

Soneium and Sony’s Blockchain Project

Soneium is an Ethereum layer-2 blockchain developed by Sony Block Solutions Labs, a joint venture between Sony and Startale Labs. It launched its testnet in August 2024 to speed up transactions and reduce costs for Ethereum users. This is a hot project in the blockchain space so it’s a prime target for hackers.

In the same tweet Scam Sniffer mentioned that users who connected their wallets and signed the phishing signature lost their crypto assets immediately. This is not the first phishing attack on the crypto space.

• $46 million stolen from over 10,800 victims in September 2024.

• $127 million stolen in Q3 2024, Ether wallets are the main target.

• Soneium is a hot target for these phishing attacks.

Fake Wallet App Steals $70,000

The Google ad scam is not the only way cybercriminals are targeting crypto users. In another incident a fake wallet app on Google Play called “WalletConnect” stole $70,000 from users. The app looked like the real WalletConnect protocol but was actually a phishing tool to drain crypto wallets.

SCAM SNIFFER WARNS OF CRYPTO DRAINER LINKED TO MISSPELLED SONEIUM SEARCH

Web3 security firm Scam Sniffer warns that a simple misspelling of Sony’s new blockchain, "Soneium," could lead users to a malicious crypto-draining link via Google.

An ad for "someium" directs… pic.twitter.com/f1pFYkh1ba

— Crypto Town Hall (@Crypto_TownHall) October 22, 2024

According to Check Point Research (CPR) over 10,000 users downloaded the app. The scammers behind it knew the typical pain points of Web3 users – compatibility issues across wallets – and marketed their fake app as the solution to these problems. Since there is no official WalletConnect app on the Google Play Store this scam worked.

Cybersecurity Threats on the Rise

Crypto scams are part of a bigger trend of attacks on the digital asset space. Scammers are also using automated email replies to deliver crypto-mining malware. In August a new malware called “Cthulhu Stealer” was discovered targeting MacOS systems, it’s designed to steal MetaMask passwords, IP addresses and private keys from cold wallets.

As crypto grows so do the threats. Be cautious and only use trusted sources when accessing blockchain or wallet services. $127 million stolen in Q3 2024 already.