Victim lost 'life-changing' amount of money after clicking this Google ad — avoid it before you're next

Hacker stealing money from laptop
Hacker stealing money from laptop (Image credit: Getty Images/macrovector)

Over the weekend, Twitter user and cryptocurrency influencer NFT God revealed that he lost a "life changing" amount of his net worth after clicking on a malicious Google advertisement. 

The sponsored link seemed innocuous, but unbeknownst to NFT God, it was a malware-harboring URL waiting to bait victims into privacy-invading chaos. Suddenly, NFT God discovered that his Twitter, Substack, Discord and Gmail were hijacked by "bad actors." It gets worse — the cybercriminals managed to steal all of his digital assets, too.

How did this happen?

NFT God spotted an advertisement for popular live-streaming app Open Broadcaster Software (OBS), a software platform that's favored among Twitch users and YouTube influencers. When he clicked it, he was prompted to download a fake executable file.

"Nothing happened when I clicked the EXE," NFT God said on Twitter. A few hours later, however, turmoil ensued. He realized that his Twitter was hacked. "If only that were the last chapter of this story," NFT God lamented. "Unfortunately, it was just the first."

Later that day, he found that all of his cryptocurrencies and NFTs were swiped from him. "[I]t was all gone. Everything," he tweeted.


(Image credit: Future)

According to BleepingComputer, NFT God likely stumbled upon an info-stealing malware that snatched his saved browser credentials, cookies, Discord tokens and digital-asset wallets. 

Although this malicious-ad incident is one of the few that managed to hit the media spotlight in recent times, NFT God is hardly the sole victim of this vicious cybercriminal stratagem. Cybersecurity firms like Guardio and Trend Micro called out the Google Ads platform for being a breeding ground for hackers to promote malicious downloads that wreck PCs and devastate victims' lives. 

Blender 3D suspicious ad

Suspicious-looking Blender ad on Google Search (Image credit: Future)

Aside from OBS, other popular apps hackers love to impersonate in Google Search include Notepad++, 7-Zip, WinRAR, VLC, CCleaner, Blender, Capcut, and more. What's worse is that sponsored ads typically appear before the official page hosting the authentic download. Consequently, if one isn't paying attention, they may mindlessly click on the first link they see.

How to avoid being in NFT God's shoes

Avoid URLs that are tagged with the word "Ad." Although they may be legitimate, you don't know for sure. Read the URL to make sure there aren't any misspellings or typos. 

Secondly, as BleepingComputer suggests, consider getting an ad blocker (e.g. Adblock Plus). "[Ad blockers] could make the difference between losing access to your sensitive information or online accounts and getting digital resources from legitimate vendors."

It's worth noting that Google removed the malicious ad that baited NFT God, but you should still keep an eye out for ill-intentioned URLs on Google Search.

Kimberly Gedeon

Kimberly Gedeon, holding a Master's degree in International Journalism, launched her career as a journalist for MadameNoire's business beat in 2013. She loved translating stuffy stories about the economy, personal finance and investing into digestible, easy-to-understand, entertaining stories for young women of color. During her time on the business beat, she discovered her passion for tech as she dove into articles about tech entrepreneurship, the Consumer Electronics Show (CES) and the latest tablets. After eight years of freelancing, dabbling in a myriad of beats, she's finally found a home at Laptop Mag that accepts her as the crypto-addicted, virtual reality-loving, investing-focused, tech-fascinated nerd she is. Woot!