Two wallet leakers have successfully stolen millions of dollars worth of crypto assets from Solana users in the past month alone, according to a new report based on public blockchain data.
Deployers of both programs, Rainbow Drainer and Crossroads Drainer, have stolen assets worth $4.17 million from 3,967 Solana bags since the end of November, according to the analysis. Cheater cheater and crypto analytics platform Dune. Most of these thefts have occurred since mid-December.
It appears that malicious actors have stolen most of the funds by targeting certain Solana token communities with NFT airdrops, then using phishing website links to the NFTs. Legitimate airdrops — that is, free tokens, or NFTs, tied to protocols and apps — have been on the rise lately, but social media scams are often presented as real giveaways.
Users of Rainbow Drain, for example, target owner of ZERO, a native token of Solana's meta protocol. AnalystThey offered vouchers for 1,000 free Zero Tokens by airdropping their NFTs. Curious recipients clicked on the external link associated with the NFT and signed a transaction linking their wallet to the site (perhaps hoping to receive free tokens). Within seconds, these unsuspecting users' wallets were drained of all digital assets.
The data also shows that such attacks using the Rainbow Drainer netted thieves $2.15 million in the past few weeks. Dune analysis. Assets looted by these exploits include BONK, ZERO, USDT and USDC among other tokens.
Using Crossroads, hackers placed similar phishing links in Discord groups and hacked Twitter accounts, including those of a cybersecurity firm and a branch of Google. Mandiant. All told, such exploits are a net node drainer of $2.025 million, primarily in the form of ANALOS and BONK.
While it is not known how many individuals were behind these attacks, on-chain data suggests that at least a strong portion originated from a single individual or small group.
According to Scam Sniffer, a single wallet address associated with the wallets used Allbridge The money was exchanged for ETH and transferred again in order to transfer the stolen assets worth more than 1 million dollars to Ethereum.
Many crypto scams on Ethereum often focus on tricking users. Enrichment.
Edited by Andrew Hayward.
Stay on top of crypto news, get daily updates in your inbox.