Heads up!
A new generation of crypto drainers has stormed the crypto-verse, wiping off left, right, and center wallets.
As of press time, up to $60 million is being stolen by these crypto drainers from various crypto wallets.
But hold up: what are crypto drainers to start with? And how can one protect oneself from being scammed by these?
Keep reading to learn all about crypto drainers.
What are Crypto Drainers?
Crypto Drainers or Sweepers are dangerous smart contracts that can easily clean out a cryptocurrency wallet of its funds.
It is a perfect tool for phishing scams.
How the crypto drainers work is this:
The wallet owner is tricked into agreeing to a pernicious transaction in their wallet unknowingly.
This will enable the smart contract to transfer the wallet’s assets entirely or partially, depending on the type of transaction agreed to.
The wallet’s assets are then cleared out seamlessly. Quite sad!
So, the hacker using a crypto drainer has just one job: To make the wallet owner believe he/she is approving a legitimate transaction.
Once that aim is achieved, the hacker is at liberty to do with the wallet’s assets as it pleases him/her.
The rise of cryptocurrency drainers came with the discovery of the Monkey Drainer scam in November 2022.
Since then, there has been a rise in crypto drainers’ scams.
Scam Sniffer confirmed that some crypto drainers are lent to phishing scam groups. And a commission is charged for it.
Aside from the commission charge, many crypto drainer owners require extra fees for their drainers and even offer ‘add-ons’, e.g., malicious signature requests, etc.
Apart from Money Drainers (which shut down its services in February 2023), there has been an influx of other crypto drainers in the crypto space.
Check them out below.
List of Crypto Drainers To Look Out For
- Venom
- Pink
- Inferno
1. Venom Crypto Drainer
The Venom Crypto Drainer was announced by the Monkey Drainers as a worthy competitor.
It urged its users to move on to Venom Drainer as they are shutting down their services.
As of press time, more than $27 million has been wiped out from over 15 thousand wallets by this drainer.
So far, about 540 phishing sites have been created, and more than 170 brands have been targeted.
The affected chains are:
- ERC20 – 20789790
- ETH – 3122586
- NFT – 5332332
Its phishing method is Permit and Approve.
For ERC20, the drainer tries to get the wallet owner to approve or permit a transaction and then transfers using ERC20 tokens.
For NFT listings, users are tricked into signing these malicious listings.
Most times, it contains a lower listing price or even zero.
Once the user marks the listing, their NFTs will be transferred using that listing signature.
The table includes some targeted brands and the phishing sites that have been created
| Target Brand | Phishing Sites |
|---|---|
| Arbitrum | 148 |
| Circle | 54 |
| Blur | 36 |
| zkSync | 31 |
| Optimism | 22 |
| Shibarium | 21 |
| GPT | 18 |
| Trust Wallet | 16 |
| Collab.Land | 11 |
| MetaMask | 10 |
| Memes 6529 | 10 |
| Doodles | 9 |
| Aptos | 8 |
| adidas Originals | 8 |
| Rocket Pool | 6 |
| Uniswap | 6 |
| Layer Zero | 6 |
| NFT Paris | 5 |
| RTFKT | 5 |
| Sui | 5 |
| Floki | 5 |
| Lens Protocol | 5 |
| Mask Network | 5 |
| Mocaverse | 4 |
| art blocks | 4 |
2. Pink Crypto Drainer
According to Scam Sniffer, Taylor Monahan came upon Pink Drainer in its on-chain monitor bot.
The drainer gained access to some Discord servers where phishing links were dropped.
This led many users to open fake websites and mistakenly approve fake transactions, losing their assets.
As of press time, Pink Drainer has hacked over 7 Discord servers, with 2,484 victims affected.
The total funds stolen so far amounts to more than $3 million, with the following chains affected:
- Polygon – 103,792
- Optimism – 122,234
- BNB – 144,987
- Arbitrum – 687,485
- Ethereum – 3,629,185
The table below lists some of the brands that have been affected by Pink Drainer.
| Brand | Date | Site | Source |
|---|---|---|---|
| Evmos | May 8 | evmos-claim.org | View |
| Starknet ID | May 11 | starknet.pm | View |
| LiFi | May 17 | lifi.pm | View |
| eth_ben quote tweet | May 26 | a0k1verse.club | View |
| Cherry Network | May 26 | cherry.pm | View |
| Pika Protocol | May 31 | pikaprotocol.pm | View |
| Orbiter Finance | June 1 | orbiter.pm | View |
| Flare Network | June 1 | flarenetwork.net | View |
| OpenAI CTO | June 2 | chatgpt.build | View |
Its modus operandi is via Social Engineering, and it operates by:
- Either impersonate a journalist from a reputable news firm (e.g., Cointelegraph) to grant interviews. Then, they will be required to carry out a KYC authentication where phishing links are included.
- Or getting Discord admins to open a fake Carl verification and add bookmarks that contain counterfeit codes. These codes steal users’ authentication tokens. They will proceed to remove other admins and continue the stealing.
3. Inferno Crypto Drainer
Inferno Drainer is another crypto drainer used to steal more than $5 million from 4,888 victims as of press time.
This drainer specializes in multichain scams with a charge of 20% of the stolen assets.
From analysis, it was found that more than $29 million worth of assets had been stolen from over 70 thousand victims.
Inferno has created over 600 phishing sites with more than 220 target brands, as seen in the table below.
| Brand | Sites |
|---|---|
| Pepe | 120 |
| Collab.Land | 33 |
| Bob | 28 |
| Optimism | 21 |
| Sui | 19 |
| zkSync | 19 |
| PSYOP | 18 |
| Floki | 13 |
| Arbitrum | 12 |
| Lens Protocol | 11 |
| LayerZero | 11 |
| Sei | 10 |
| SyncSwap | 9 |
| MetaMask | 8 |
| Scroll | 8 |
| Nakamigos | 8 |
| ChainGPT | 7 |
| Layer Zero | 7 |
| ZkSwap | 6 |
| Milady | 6 |
| MongCoin | 5 |
| Revoke.cash | 5 |
| Blur | 5 |
Some of the affected chains include:
- Ethereum – 10660976
- Arbitrum – 1391275
- BNB Chain – 885872
- Polygon – 774894
Inferno Drainer operates via fake NFT airdrops, as seen on this page.
However, on 26th Nov. 2023, Inferno stated that it was shutting down its services via its Telegram channel.
You can read more about this here.
There’s also the Pussy Drainer that has been used to steal more than $13 million from 3267 victims. Find more stats here.
Here you have the crypto drainers ravaging the crypto-verse.
The million-dollar question now is: HOW DO I KEEP MY WALLET(S) SAFE?
I gave some tips on that below. Keep reading.
How To Safeguard Your `Wallets From Crypto Drainers
Some basic tips to keep your wallets safe from the menace of crypto drainers include:
Tip 1. – Avoid Unidentifiable Links
Yes… Avoid those links whose source you can’t prove like a plague!
While transacting, be mindful of the links and ads that fly across the device screen.
Please take a good look before clicking on any of them.
Tip 2. – Avoid Google Ads for Crypto Services
Instead of visiting crypto sites via ads, go through its official website.
Don’t be in a hurry to click on URLs; take a moment to confirm that you’re using the correct URL before going ahead to do anything.
For example, binance.com can be written as ‘biananc.com‘ or ‘binancĂ©.com.’
Tip 3. – Keep Funds in Multiple Wallets
It is said not to keep all your eggs in one basket. This is also true for crypto.
Let’s say you have $25000 worth of assets in crypto. It is advised that you split the funds into different wallets.
This is a way to keep your funds safe.
If one of the wallets gets hacked, you will lose just a portion of your portfolio.
Tip 4. – Enable Two-Factor Authentication
2FA, or Two-Factor Authentication, is a second layer of protection for crypto wallets.
With that enabled, it will help to keep off these drainers even when they can access your wallet.
Without access to the 2FA code, there’s no way your wallet can be tampered with.
Tip 5. – Use of Hardware Wallets
Hardware wallets are the safest among the different types of wallets for crypto because they are not online.
If you keep your private keys and the device safe, crypto drainers have nothing on you when your funds are stored in a hardware wallet!
Examples include Ledger wallets and Trezor wallets.
It all boils down to being on the alert at any point.
Always be vigilant whether carrying out a transaction or just scrolling through the crypto streets.
Conclusion
Hey, crypto lover, it’s the Wild West out there! Always be on the alert.
Crypto drainers are one of the latest scams in the crypto-verse.
But like the various scams, the way to go is to be watchful.
Take the necessary precautions, and you will be safe out there.
Even in an attack, the effect will be way less as the precautions taken will go a long way to cushion its impact.
Till my next post, hodl on… WAGMI!
0 Comments