Millions Stolen from Solana Users in Recent Wallet Drainer Attacks
In the past month, two wallet drainers known as Rainbow Drainer and Node Drainer have successfully stolen millions of dollars worth of cryptocurrency from Solana users. According to analysis by Scam Sniffer and Dune, these programs have taken a combined $4.17 million from 3,967 Solana wallets since late November, with most of the thefts occurring since mid-December.
Targeting Specific Token Communities with NFT Airdrops
The majority of the stolen funds were obtained by targeting specific Solana token communities through NFT airdrops. Malicious actors attached phishing website links to these NFTs, tricking users into signing transactions that linked their wallets to the fraudulent sites. For example, Rainbow Drainer targeted holders of the ZERO token by offering them NFTs claiming to provide vouchers for free ZERO tokens. When users clicked on the external link and signed the transaction, their wallets were drained instantly.
Phishing Tactics and Exploits
Rainbow Drainer has netted thieves $2.15 million in recent weeks, stealing assets such as BONK, ZERO, USDT, and USDC. On the other hand, Node Drainer used similar phishing tactics in Discord groups and even hacked Twitter accounts, including that of cybersecurity firm Mandiant. In total, Node Drainer exploits resulted in $2.025 million in stolen assets.
On-Chain Evidence Points to Single Individual or Small Group
Although it is unclear how many individuals were involved in these attacks, evidence suggests that at least a significant portion of them originated from a single person or a small group. Scam Sniffer identified a wallet address associated with the thefts that used AllBridge to transfer over $1 million worth of assets to Ethereum.
Hot Take: Protect Yourself from Crypto Scams
These recent incidents highlight the importance of staying vigilant and protecting your crypto assets. Avoid clicking on suspicious links, especially those promising free tokens or giveaways. Be cautious when connecting your wallet to unfamiliar websites, as they may be phishing attempts. Regularly update your security measures and be aware of the latest scam tactics in the crypto space. By staying informed and taking necessary precautions, you can safeguard your digital assets from malicious actors.
By
By