Scammers use ‘wallet drainer’ to steal $60 million in crypto: What is it

by hrithik singh t

Over the past year, cyber criminals have been using phishing scams to steal millions of dollars worth of crypto assets through malicious ads on popular platforms like Google and X. Researchers at cybersecurity firm Scam Sniffer have discovered that scammers are using ‘wallet drainers’ to steal crypto assets. One of these drainers, in particular, has been used extensively in phishing ads.
In a blog post, the company says that this drainer was first discovered in Google search ad phishing. Later, it was found in a set of X phishing ads shared by ZachXBT. In a recent sampling test of ads in X’s feeds, the company found that nearly 60% of the phishing ads were using this particular drainer.
From March to December, Scam Sniffer monitored about 10,072 phishing websites using these drainers. The company has also analysed the on-chain data linked to their phishing addresses and has discovered that they have stolen nearly $58.98 million from over 63,000 victims over the past nine months.
What are wallet drainers and how are they spreading
A wallet drainer works by tricking users into authorising malicious transactions which steal the assets in their crypto wallets. This usually happens when users click on malicious links in false advertisements that are actually phishing scams.
For example, some of the recent phishing scams that utilise the wallet drainer include a cluster of phishing ads on X called “Ordinals Bubbles” and fake links to popular crypto platforms like DeFiLlama and Lido.
These phishing ads have become even more sophisticated. They use redirect tricks that make the links look like official, legitimate domains, but in reality the links lead to phishing websites.
The blog post notes: “Phishing scammers have used these drainers through various means such as phishing ads, supply chain attacks, Discord phishing, Twitter spam comments and mentions, Airdrop Phishing, Sim Swap attacks, DNS attacks, email phishing, etc., to continuously target ordinary users with phishing attacks, causing a significant loss of assets.”
Why scammers like this wallet drainer
Unlike other wallet drainers, this one doesn’t charge a fee of 20% of the scammers’ profits. The developers of this malware sell the source code for a flat fee, with additional value-added modules sold as extras.
The report says: “By targeting specific audiences through Google search terms and the following base of X, they can select specific targets and launch continuous phishing campaigns at a very low cost.”

 
