A recent report suggests that the infamous phishing organization Pink Drainers became victims of fraud themselves.
This incident highlights the growing sophistication, complexity, and risks of cybercrime, as well as the enormous financial damage phishing attempts still cause globally.
Phishing Masters Pink Drainers Tricked by Fake Wallet Address
An address connected to the Pink Drainers became a victim of address poisoning fraud, according to crypto tracking tool MistTrack. In late June, the infamous phishing outfit lost 10 Ethereum (ETH), valued at about $30,000, to a phony wallet address.
MistTrack covered several Ethereum transactions involving the Pink Drainers in their X (Twitter) post. One picture displays a transaction history with important transfers to both valid and fraudulent addresses. These transactions include the arrival of 20 ETH and many transfers of 10 ETH.
Read more: Crypto Scam Projects: How To Spot Fake Tokens
Furthermore, MistTrack displayed the transfer of money across addresses, including Pink Drainers, a real address (0xEfF0ECD2eB275C3CEE4A17D9B8f10151), and a bogus address (0xEfF0eCD2eB275C3CEE4A17D9B8f101). The transactions reveal address poisoning, with the fake address closely matching the real one, deceiving Pink Drainers.
“Despite being so simple, this method is extremely effective: we see how address poisoning allowed one scammer to scam another. Even professional perpetrators have fallen victim – so regular users must be especially cautious.
Address poisoning works when we aren’t careful enough – and this is its weak point. We recommend users double- and even triple-check every address before sending funds. Special software can help ensure there is no difference between two addresses, although a regular check with the naked eye is often sufficient,” Chimp Exchange Founder Akshay Nassa told BeInCrypto.
Scam Sniffer’s Dune dashboard noted that Pink Drainer had stolen $85.29 million from 21,131 victims between July 2023 and May 2024. Highlighting the unpredictable nature of cybercrime, this ironic turn of events saw those who once hunted becoming the hunted themselves.
A recent report from CertiK noted that phishing was the most costly attack vector in the second quarter of 2024, with $433.68 million lost across 67 incidents. These incidents were responsible for most of the financial losses in the cybersecurity field. Phishing attacks led to a substantial $497.73 million loss across 150 incidents in the first half of 2024, highlighting their continuous threat.
The report detailed that phishing attacks have been more frequent than private key compromises, with notable financial implications. One of the most significant losses in Q2 involved a phishing victim who lost approximately $68.59 million in Wrapped Bitcoin (WBTC) due to an address poisoning attack. This attack occurred when the victim sent a small test transaction to a new wallet, unknowingly setting the stage for a massive theft.
Another significant incident involved a phishing victim losing approximately $7.09 million worth of EtherFi (LQIDETH) tokens through address poisoning. The attacker, however, returned some of the stolen tokens. Despite these rare instances of restitution, the vast majority of phishing victims do not see their funds returned.
“You can’t rely on an attacker returning your funds, and an incident where this happens still deserves to be included in the overall figures pertaining to value lost. Others are not so lucky. These two incidents were the only two cases we identified of phishing victims seeing their lost funds returned,” the CertiK team noted in its report.
Read more: 15 Most Common Crypto Scams To Look Out For
Past research by Scam Sniffer revealed that hostile groups like Pink Drainers run with corporate-like efficiency. One gang leaves the scene, and another quickly replaces it. For instance, Angel Drainer emerged following Inferno Drainer’s announcement of his leaving, therefore extending the cycle of cybercrime.
Disclaimer
In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and Conditions, Privacy Policy, and Disclaimers have been updated.