Analysts: Google ‘asleep at the wheel’ on crypto deepfake scams

A
cybersecurity
expert
called
out
Google
over
inadequate
preventive
measures
against
crypto-targeted
deepfakes
involving
Bitcoin
and
figures
like
Elon
Musk.

Recently,
scammers
leveraged
a
fabricated
video
of
billionaire
and
Tesla
CEO
Elon
Musk
on
YouTube
to
fleece
unsuspecting
users
of
cryptocurrencies,
including
Bitcoin
(BTC).

Bad
actors
used
artificial
intelligence
and
real
video
clips
to
create
YouTube
Live
sessions
directing
crypto
users
to
deposit
BTC
on
multiple
websites.
The
campaign
amassed
hundreds
of
thousands
of
views,
and
the
possible
losses
are
yet
unknown.

National
Cybersecurity
Center
(NCC)
founder
Michael
Marcotte,
said
in
a
press
release
sent
to
crypto.news
scammers
are
initiating
a
“personal
attack
on
Elon
Musk
as
well
as
its
ability
to
kneecap
consumer
confidence
in
Bitcoin.”

Additionally,
hackers
used
Russian
domain
name
registrars
for
the
crypto
depository
platforms,
promising
to
double
user
funds.
Per
Marcotte,
the
culprits
may
have
deployed
this
tactic
to
misdirect
law
enforcement. “This
unusual
attack
fingerprint
raises
serious
questions
about
underlying
intent
and
source”,
the
expert
stated.

Marcotte:
Google
must
do
more

As
the
NCC
veteran
highlighted,
the
scammer
used
an
account
with
nearly
one
million
followers
and
250
million
views.
Marcotte
opined
that
the
case
calls
Google’s
policies
into
question
since
malicious
users
assumed
legitimacy
by
mimicking
a
verified
Tesla
YouTube
account.

“The
real
indictment
was
that
scammers
were
able
to
perpetrate
this
scam
on
YouTube
for
hours
over
the
weekend
without
it
being
shut
down.
It
is
clear
in
this
particular
case
that
Google’s
cybersecurity
team
was
asleep
at
the
wheel,”
said
Marcotte
via
email.

The
expert
said

Google’s
team
deserves
the
benefit
of
the
doubt
but
stressed
that
a
breach
of
this
magnitude
should
have
been
quickly
flagged,
and
addressed.

Recurring
concerns

Users
have
complained
of
attack
vectors
left
unchecked
by
Google,
which
have
led
to
crypto
losses
in
the
past.
Last
month,
crypto.news

reported
a
fake
Aggr
Chrome
extension
used
to
bypass
Binance
security. On
June
3,
multiple
reports
of
$1
million
in
losses
linked
to
the
same
extension

emerged.
In
April,
scammers
employed
paid
ads
on
the
mammoth
search
engine
to

promote
a
harmful
OTC
crypto
platform.

[𝕏]

#Binance
accounts
may
be
at
risk
if
users
downloaded
the
KOL-promoted
Google
plugin
Aggr!
A
Chinese
user
lost
$1
million
on
May
24,
and
another
user
was
hacked
on
March
1.
Hackers
use
hijacked
cookies
to
bypass
password/2FA
and
access
accounts

pic.twitter.com/e1bIyjhm9B

—
BecauseBitcoin.com
(@BecauseBitcoin)

June
3,
2024

The
Alphabet
subsidiary
has
sometimes
fought
back
and

sued
scammers
for
masterminding
criminal
campaigns.
However,
users
and
experts
alike
agree
that
the
company
should
do
more
to
tackle
these
incidents.

“It
is
now
starkly
obvious
that
we’re
moving
into
a
world
where
the
line
between
real
and
fake
is
increasingly
unclear.
This
weekend’s
scam
needs
to
be
a
radical
wake-up
call
for
the
rest
of
the
industry.”
Marcotte
noted.

Analysts: Google ‘asleep at the wheel’ on crypto deepfake scams

Marcotte: Google must do more

Recurring concerns

Marcotte:
Google
must
do
more

Recurring
concerns