“Wallet Drainers” is a type of malware that targets crypto asset wallets. This malware works by tricking victims into authorizing malicious transactions, allowing for the complete draining of assets in their wallets. Perpetrators of wallet drainers typically use them in phishing attacks, where victims are tricked into clicking malicious links or opening dangerous attached documents.
Security firm Scam Sniffer recently said it discovered for the first time “Wallet Drainers” appearing on Google search results and Twitter ads. In the last 9 months, this malware has victimized over 63,000 people, resulting in a total loss of $58 million.
Since March 2023, Scam Sniffer said they have tracked about 10,072 scam websites and discovered that $58.98 million from 63,210 user wallet addresses were stolen by using this phishing method. The security firm even collaborated with SlowMist and on-chain detective ZachXBT to investigate more websites associated with the “Wallet Drainers” malware.
The results revealed numerous fraudulent crypto project websites linked to “Wallet Drainers” including Zapper, Lido, Stargate, DefiLlama, Orbiter Finance, Radiant. There are even scam ads shown on X (Twitter) called “Ordinals Bubbles”. Scam Sniffer found that these scam websites used various methods to bypass Google and X’s advertising censorship system.
It is worth mentioning that the source code for setting up and managing “Wallet Drainers” are openly advertised and sold on forums and developer groups. Unlike other tools, the “Wallet Drainers” malware not only has a selling price but also charges an additional 20% installation fee. Furthermore, if users require advanced features such as creating fake signatures on browsers connecting to Web3 wallets, they have to pay additional fees.
Fraudulent advertising has become a “gateway” for scammers to easily reach victims. They can pick target victims and launch scam campaigns using advertising tools on Google and X with very low costs and then steal tens of millions of dollars. In November 2023 alone, crypto attacks drained $340 million on DeFi platforms.