Blockchain forensics firm Scam Sniffer has identified two major “sophisticated Solana wallet drainers.” Over the past month, these malicious actors have stolen $4.17 million from 3,947 users.
According to Scam Sniffer, Solana phishing often involves direct transfers, exploiting weaknesses in transaction simulations.
Solana Wallet Gets Drained
Rainbow Drainer, discovered by Scam Sniffer on December 16, 2023, during an airdrop phishing incident, has stolen $2.14 million from 2,189 users. The phishing scheme involved a fake NFT<NFT airdrop where victims unwittingly signed a malicious contract, resulting in the theft of their assets.
The bad actor pilfered $464,817 in BONK, $173,382in ZERO, $165,932 in USDT, and $93,266 in USDC.
Moreover, a second drainer, the Node Drainer, began its operations through a Christmas phishing campaign. The malicious entity stole over $2 million from 1,762 users within two weeks.
“One address associated with Node Drainer converted stolen USDC to ETH via AllBridge, making over $1 million in profit,” Scam Sniffer said.
A link associated with Node Drainer was also found in a hack conducted by Mandiant. On December 25, 2023, alone, Node Drainer stole $638,644 in ANALOS tokens, $325,432 in BONK, and $93,987 in SILLY.
Usually, drainers use airdrops on phishing sites to lure unsuspecting users, who, upon entering the site, encounter a simulated failure message, leading them to confirm a transaction without visible details. This deceptive tactic results in users losing their assets to the theft.
Last year, these wallet drainers stole nearly $300 million from about 324,000 victims.
More Crypto Phishing Scams
Meanwhile, according to Scam Sniffer, DuckDuckGo, a privacy-focused web browser, is being used to perpetuate a phishing scam. The security firm said an unnamed individual lost $12,000 to a deceptive 1inch scam advertisement on the platform.
Read more: Top 10 Must-Have Cryptocurrency Security Tips
DefiLlama’s pseudonymous developer, 0xngmi, also confirmed that the search engine displayed a fraudulent ad for the DeFi data aggregator. He explained that DeFiLlama’s URL appears accurate on DuckDuckGo. However, clicking on it redirects users to a malicious site that drains users’ funds.
Trusted
Disclaimer
In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and Conditions, Privacy Policy, and Disclaimers have been updated.
