How Hackers Drained $4.17 Million from Solana Wallet

Blockchain forensics firm Scam Sniffer has identified two major “sophisticated Solana wallet drainers.” Over the past month, these malicious actors have stolen $4.17 million from 3,947 users.

According to Scam Sniffer, Solana phishing often involves direct transfers, exploiting weaknesses in transaction simulations.

Solana Wallet Gets Drained

Rainbow Drainer, discovered by Scam Sniffer on December 16, 2023, during an airdrop phishing incident, has stolen $2.14 million from 2,189 users. The phishing scheme involved a fake NFT airdrop where victims unwittingly signed a malicious contract, resulting in the theft of their assets.

The bad actor pilfered $464,817 in BONK, $173,382 in ZERO, $165,932 in USDT, and $93,266 in USDC.

Moreover, a second drainer, the Node Drainer, began its operations through a Christmas phishing campaign. The malicious entity stole over $2 million from 1,762 users within two weeks.

“One address associated with Node Drainer converted stolen USDC to ETH via AllBridge, making over $1 million in profit,” Scam Sniffer said.

A link associated with Node Drainer was also found in a hack conducted by Mandiant. On December 25, 2023, alone, Node Drainer stole $638,644 in ANALOS tokens, $325,432 in BONK, and $93,987 in SILLY.

Usually, drainers use airdrops on phishing sites to lure unsuspecting users. On entering the site, users encounter a simulated failure message, which leads them to confirm a transaction without visible details. This deceptive tactic results in users losing their assets.

Last year, these wallet drainers stole nearly $300 million from about 324,000 victims.

More Crypto Phishing Scams

Meanwhile, according to Scam Sniffer, DuckDuckGo, a privacy-focused web browser, is being used to perpetrate a phishing scam. The security firm said an unnamed individual lost $12,000 to a deceptive 1inch scam advertisement on the platform.

Deceptive DefiLlama Ad on DuckDuckGo. Source: 0xngmi

DefiLlama’s pseudonymous developer, 0xngmi, also confirmed that the search engine displayed a fraudulent ad for the DeFi data aggregator. He explained that DefiLlama’s URL appears accurate on DuckDuckGo. However, clicking on it redirects users to a malicious site that drains their funds.

The post How Hackers Drained $4.17 Million from Solana Wallet appeared first on BeInCrypto.