Scam Sniffer Warns of Phishing Attack via Google Ad for Sony's Soneium Blockchain

Scam Sniffer Warns of Phishing Attack via Google Ad for Sony's Soneium Blockchain

A recent investigation by blockchain security firm Scam Sniffer has uncovered a fraudulent Google ad masquerading as a link to Sony’s blockchain project Soneium. This deceptive advertisement, which appears when searching for "Soneium" on Google, directs users to a phishing site designed to drain crypto wallets.

In a post on X dated October 22, Scam Sniffer detailed how the malicious ad led to a website with a domain name resembling Soneium’s official site. However, this site was actually a front for a radiology service based in the UK and not affiliated with Sony. The website contained a hidden wallet drainer aimed at exploiting unsuspecting visitors’ crypto assets.

Scam Sniffer cautioned that it's easy to fall victim to such phishing attempts, especially if users mistype "Soneium" as "Someium." The firm emphasized that the creators of the deceptive site employed sophisticated techniques to evade Google’s detection, complicating efforts to flag the malicious advertisement.

Soneium is an Ethereum layer-2 blockchain developed by Sony Block Solutions Labs, a collaboration between Sony and blockchain firm Startale Labs. The platform launched its testnet in August 2024. This phishing incident comes on the heels of a report revealing that over $46 million in crypto was stolen from more than 10,800 phishing victims in September alone.

In a related development, the third quarter of 2024 saw over $127 million in crypto assets stolen, with Ether wallets being the primary targets of these phishing attacks.

In another alarming incident a fraudulent cryptocurrency wallet app named WalletConnect has reportedly stolen $70,000 from users in a sophisticated mobile-targeted scam. This malicious app imitated the reputable WalletConnect protocol but served as a scheme to drain crypto wallets.

According to Check Point Research the cybersecurity firm that uncovered this scam the fraudulent app deceived over 10,000 users into downloading it by marketing itself as a solution to common web3 issues. The scammers took advantage of the lack of an official WalletConnect app on the Google Play Store.

Additionally cybersecurity threats are escalating with reports of scammers utilizing automated email replies to compromise systems and deliver stealthy crypto mining malware. This follows the identification of the "Cthulhu Stealer" malware in August which targets MacOS systems while disguising itself as legitimate software to steal personal information including MetaMask passwords and cold wallet private keys.