A new generation of crypto drainers has stormed the crypto-verse, wiping off wallets left, right, and center.
As of press time, we have up to $60 million being stolen by these crypto drainers from various crypto wallets.
But hold up: what are crypto drainers to start with? And how can one protect oneself from being scammed by these?
Keep reading to learn all about crypto drainers.
What are Crypto Drainers?
Crypto Drainers or Sweepers are dangerous smart contracts that can easily clean out a cryptocurrency wallet of the funds in it.
It is a perfect tool for phishing scams.
How the crypto drainers work is this:
The wallet owner is tricked into agreeing to a pernicious transaction in their wallet unknowingly.
This will enable the smart contract to transfer the wallet’s assets entirely or partially depending on the type of transaction agreed to.
The wallet’s assets are then cleared out seamlessly. Quite sad!
So the hacker using a crypto drainer has just one job: To make the wallet owner believe he/she is approving a legitimate transaction.
Once that aim is achieved, the hacker is now at liberty to do with the wallet’s assets as it pleases him/her.
The rise of cryptocurrency drainers came with the discovery of the Monkey Drainer scam in November 2022.
Since then, there has been a rise in crypto drainers’ scams.
Scam Sniffer confirmed that some of these crypto drainers are lent out to phishing scam groups. and a commission is charged for it.
Asides from the commission charged, many crypto drainer owners require extra fees for their drainers and even offer ‘add-ons’ e.g. malicious signature requests, etc.
Apart from Money Drainers (which shut down its services in February 2023), there has been an influx of other crypto drainers in the crypto space.
Check them out below.
List of Crypto Drainers To Look Out For
1. Venom Crypto Drainer
The Venom Crypto Drainer was announced by the Monkey Drainers as a worthy competitor.
It urged its users to move on to Venom Drainer as they are shutting down their services.
As of press time, more than $27 million has been wiped out by this drainer from more than 15 thousand wallets.
So far, there are about 540 phishing sites created, and more than 170 brands targeted.
The affected chains are:
- ERC20 – 20789790
- ETH – 3122586
- NFT – 5332332
Its phishing method is Permit and Approve.
For ERC20, the drainer tries to get the wallet owner to approve or permit a transaction and then goes ahead to transfer using ERC20 tokens.
For NFT listings, users are tricked into signing these malicious listings.
Most times, it contains a lower listing price or even zero.
Once the user signs the listing, their NFTs will be transferred using that listing signature signed.
The table contains some targeted brands and the phishing sites that have been created
|Target Brand||Phishing Sites|
2. Pink Crypto Drainer
According to Scam Sniffer, Taylor Monahan came upon Pink Drainer in its on-chain monitor bot.
The drainer gained access to some Discord servers where phishing links were dropped.
This led many users to open fake websites and mistakenly approve fake transactions resulting in the loss of their assets.
As of press time, Pink Drainer has hacked more than 7 Discord servers with 2,484 victims affected.
The total funds stolen so far amounts to more than $3 million with the following chains affected:
- Polygon – 103,792
- Optimism – 122,234
- BNB – 144,987
- Arbitrum – 687,485
- Ethereum – 3,629,185
The table below lists some of the brands that have been affected by Pink Drainer.
|Starknet ID||May 11||starknet.pm||View|
|eth_ben quote tweet||May 26||a0k1verse.club||View|
|Cherry Network||May 26||cherry.pm||View|
|Pika Protocol||May 31||pikaprotocol.pm||View|
|Orbiter Finance||June 1||orbiter.pm||View|
|Flare Network||June 1||flarenetwork.net||View|
|OpenAI CTO||June 2||chatgpt.build||View|
Its modus operandi is via Social Engineering and it operates by:
- either impersonate a journalist from a reputable news firm (eg Cointelegraph) to grant interviews. Then they will be required to carry out a KYC authentication where phishing links were included.
- or getting Discord admins to open a fake Carl verification and add bookmarks that contained fake codes. These codes steal users’ authentication tokens. They will proceed to remove other admins and continue the stealing.
3. Inferno Crypto Drainer
Inferno Drainer is another crypto drainer that has been used to steal more than $5 million from 4,888 victims as of press time.
This drainer specializes in multichain scams with a charge of 20% of the stolen assets.
From analysis, it was found that more than $29 million worth of assets has been stolen from over 70 thousand victims.
Inferno has created more than 600 phishing sites with more than 220 target brands as can be seen in the table below.
Some of the affected chains include:
- Ethereum – 10660976
- Arbitrum – 1391275
- BNB Chain – 885872
- Polygon – 774894
Inferno Drainer operates via fake NFT airdrops as can be seen from this page.
There’s also the Pussy Drainer that has been used to steal more than $13 million from 3267 victims. Find more stats here.
Here you have the crypto drainers ravaging the crypto-verse.
The million-dollar question now is: HOW DO I KEEP MY WALLET(S) SAFE?
I gave some tips on that below. Keep reading.
How To Safeguard Your `Wallets From Crypto Drainers
Some basic tips to keep your wallets safe from the menace of crypto drainers include:
Tip 1. – Avoid Unidentifiable Links
Yes… avoid those links that you can’t prove their source like a plague!
While carrying out a transaction, be mindful of the links and ads that fly across the device screen.
Take a good look before clicking on any of them.
Tip 2. – Avoid Google Ads for Crypto Services
Instead of visiting crypto sites via ads, go through its official website.
Don’t be in a hurry to click on URLs; take a moment to confirm that you’re using the correct URL before going ahead to do anything.
For example, binance.com can be written as ‘biananc.com‘ or ‘binancé.com‘.
Tip 3. – Keep Funds in Multiple Wallets
It is said not to keep all your eggs in one basket. This is also true for crypto.
Let’s say you have $25000 worth of assets in crypto. It is advised that you split the funds into different wallets.
This is a way to keep your funds safe.
Peradventure one of the wallets gets hacked, you will be losing just a portion of your portfolio.
Tip 4. – Enable Two-Factor Authentication
2FA or Two-Factor Authentication is a second layer of protection for crypto wallets.
With that enabled, it will help to keep off these drainers even when they manage to gain access to your wallet.
Without access to the 2FA code, there’s no way your wallet can be tampered with.
Tip 5. – Use of Hardware Wallets
Among the different types of wallets for crypto, hardware wallets are the safest because they are not online.
Provided you keep your private keys and the device itself safe, crypto drainers got nothing on you when your funds are stored in a hardware wallet!
In all, it all boils down to being on the alert at any point.
Whether you are carrying out a transaction or just scrolling through the crypto streets, always be vigilant.
Hey crypto lover, it’s the Wild West out there! Always be on the alert.
Crypto drainers are one of the latest scams in the crypto-verse.
But just like the various other scams, the way to go is to be watchful.
Take the necessary precautions and you will be safe out there.
Even in the event of an attack, the effect will be way less as the precautions taken will go a long way to cushion its effect.
Till my next post, hodl on… WAGMI!