Scammers use 'wallet drainer' to steal $60 million in crypto: What is it


Over the past year, cybercriminals have been using phishing scams to steal millions of dollars worth of crypto assets through malicious ads on popular platforms like Google and X. Researchers at the cybersecurity firm Scam Sniffer have discovered that scammers are using ‘wallet drainers’ to steal crypto assets. One of these drainers, in particular, has been used extensively in phishing ads.

In a blog post, the company says that this drainer was first discovered in Google search ad phishing. Later, it was found in a set of X phishing ads shared by ZachXBT. In a recent sampling test of ads in X’s feeds, the company found that nearly 60% of the phishing ads were using this particular drainer.
From March to December, Scam Sniffer monitored about 10,072 phishing websites using them. The company has also analysed the on-chain data linked to their phishing addresses and has discovered that they have stolen nearly $58.98 million from over 63,000 victims over the past nine months.
What are wallet drainers and how are they spreading

A wallet drainer works by tricking users into authorising malicious transactions which steal the assets in their crypto wallets. This usually happens when users click on malicious links in false advertisements that are actually phishing scams.
For example, some of the recent phishing scams that utilise the wallet drainer include a cluster of phishing ads on X called “Ordinals Bubbles” and fake links to popular crypto platforms like DeFiLlama and Lido.

These phishing ads have become even more sophisticated. They use redirect tricks so that the links appear to point to official, legitimate domains, but in reality they lead to phishing websites.
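The redirect trick described above can be checked mechanically by comparing the domain an ad displays with the host its redirect chain actually ends on. The following Python sketch is an added example, not code from the article or from Scam Sniffer; the allowlist of official domains and every `.example` host in the samples are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption: official registrable domains of the two brands the article names.
OFFICIAL = ("defillama.com", "lido.fi")

def host_of(url):
    return (urlsplit(url).hostname or "").rstrip(".")

def is_official(host):
    # Match on a label boundary so "lido.fi.claim.example" does not pass.
    return any(host == d or host.endswith("." + d) for d in OFFICIAL)

def edit_distance(a, b):
    """Levenshtein distance, used to catch one- or two-character typosquats."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def imitates_brand(host):
    """True when a label of an unofficial host contains or nearly spells a brand."""
    for brand in (d.split(".")[0] for d in OFFICIAL):
        limit = 1 if len(brand) <= 5 else 2
        for label in host.split("."):
            if brand in label or edit_distance(label, brand) <= limit:
                return True
    return False

def check_ad(display_url, redirect_chain):
    """Compare the domain an ad shows with the host its redirects end on."""
    shown, final = host_of(display_url), host_of(redirect_chain[-1])
    if is_official(final):
        return "official", final
    if is_official(shown) or imitates_brand(final):
        return "suspect", final
    return "unrelated", final

# Constructed samples: (domain shown in the ad, redirect hops recorded by a crawler).
SAMPLES = [
    ("https://defillama.com", ["https://t.example/r?id=1", "https://defillama.com.claim-app.example/"]),
    ("https://lido.fi", ["https://stake.lido.fi/"]),
    ("https://defi1lama.example", ["https://defi1lama.example/airdrop"]),
]
if __name__ == "__main__":
    for shown, chain in SAMPLES:
        print(shown, "->", check_ad(shown, chain))
```

A "suspect" verdict means the ad either displays an official domain while landing elsewhere, or lands on a host that imitates one of the brand names.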
The blog post notes: “Phishing scammers have used these drainers through various means such as phishing ads, supply chain attacks, Discord phishing, Twitter spam comments and mentions, Airdrop Phishing, SimSwap attacks, DNS attacks, email phishing, etc., to continuously target ordinary users with phishing attacks, causing a significant loss of assets.”
Why scammers like this wallet drainer
Unlike other wallet drainers, this one doesn't charge a 20% fee of the scammers’ profits. The developers of this malware sell the source code for a flat fee and additional value-added modules as extras.
The report says: “By targeting specific audiences through Google search terms and the following base of X, they can select specific targets and launch continuous phishing campaigns at a very low cost.”

Article From: timesofindia.indiatimes.com