Date: 2023-12-30

Cybersecurity researchers are warning of an increase in phishing attacks capable of emptying cryptocurrency wallets.

Why cryptocurrency wallet phishing is on the rise

“These threats are unique in their approach, targeting a wide range of blockchain networks, from Ethereum and Binance Smart Chain to Polygon, Avalanche and nearly 20 other networks, using a crypto wallet-draining technique,” said Check Point researchers Oded Vanunu, Dikla Barda and Roman Zaikin.

A prominent contributor to this worrying trend is a well-known phishing group called Angel Drainer, which advertises a scam-as-a-service offering, charging its collaborators a percentage of the stolen amount, usually 20% or 30%, in exchange for providing wallet-draining scripts and other services.

In late November 2023, a similar wallet-draining service known as Inferno Drainer announced it was permanently shutting down its operations after helping scammers loot over $70 million worth of cryptocurrencies from 103,676 victims since its launch in late 2022.

Web3 anti-scam solutions provider Scam Sniffer described the seller in May 2023 as specializing in multi-chain scams and charging 20% of stolen assets.

“It has been a long ride with all of you and we would like to thank you from the bottom of our hearts [sic],” said the perpetrator of the phishing scam in a message posted on his Telegram channel, adding: “Big thanks to everyone who worked with us like Drakan and every other customer, we hope you can remember us as the best emptyer that ever existed and that we were able to help you in your quest to make money.”

At the heart of these services is a crypto-draining kit designed to facilitate cyber theft by illegally transferring cryptocurrencies from victims' wallets without their consent.

This typically occurs via airdrop or phishing scams, tricking targets into connecting their wallets to fake sites propagated through malvertising schemes or unsolicited messages on social media and email.

Earlier this month, Scam Sniffer described a phishing scam in which fake ads for cryptocurrency platforms on Google and X (formerly Twitter), the kind of deceptive links that should never be clicked, directed users to suspicious sites that emptied funds from their digital wallets.

“The user is tricked into interacting with a malicious smart contract under the guise of requesting the airdrop, which stealthily increases the attacker's allocation via functions such as approve or permit,” Check Point stated, adding: “Unknowingly, the user gives the attacker access to their funds, allowing token theft without further user interaction. Attackers then use methods such as mixers or multiple transfers to obscure their tracks and liquidate stolen assets.”

To mitigate the risks posed by such scams, users are advised to use hardware wallets (i.e., download their data onto physical media such as SD cards, the hard drive of their PC or USB sticks, for example) for greater security, verify the legitimacy of smart contracts, and periodically review wallet permissions for signs of suspicious activity.
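One way to carry out the "review wallet permissions" step for the approve/permit grants described above, as an added example that is not code from the article, Check Point or Scam Sniffer. It replays ERC-20 Approval event logs for one wallet and lists allowances still open to spenders outside a trusted list; the log dictionaries mirror the fields of an eth_getLogs result but use integers for block and log index, and every address and log entry is constructed sample data.

```python
# Added example (not from the article): replay ERC-20 Approval logs for one
# wallet and list allowances that are still open to spenders you do not trust.
# All addresses and log entries below are constructed sample data.

# keccak256("Approval(address,address,uint256)"), topic0 of the ERC-20 event
APPROVAL_TOPIC = "0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925"
UNLIMITED = 2**256 - 1


def addr(topic):
    """Indexed addresses are left-padded to 32 bytes; keep the low 20 bytes."""
    return "0x" + topic[-40:].lower()


def open_allowances(logs, owner):
    """Last Approval per (token, spender) wins; a value of 0 is a revocation."""
    latest = {}
    for log in sorted(logs, key=lambda l: (l["blockNumber"], l["logIndex"])):
        t = log["topics"]
        # ERC-721 Approval shares topic0 but has 4 topics; skip it here.
        if len(t) != 3 or t[0].lower() != APPROVAL_TOPIC or addr(t[1]) != owner.lower():
            continue
        latest[(log["address"].lower(), addr(t[2]))] = int(log["data"], 16)
    return {k: v for k, v in latest.items() if v > 0}


def review(logs, owner, trusted):
    """Return (token, spender, label) for open allowances to untrusted spenders.
    Logged values can be stale, since many tokens do not re-emit Approval when
    an allowance is spent; confirm with the token's allowance() before acting."""
    trusted = {s.lower() for s in trusted}
    return [(tok, sp, "UNLIMITED" if amt == UNLIMITED else str(amt))
            for (tok, sp), amt in sorted(open_allowances(logs, owner).items())
            if sp not in trusted]


def _log(token, owner, spender, amount, block, idx=0):  # constructed-log helper
    pad = lambda a: "0x" + a[2:].rjust(64, "0")
    return {"address": token, "topics": [APPROVAL_TOPIC, pad(owner), pad(spender)],
            "data": hex(amount), "blockNumber": block, "logIndex": idx}


OWNER, TOKEN_A, TOKEN_B = "0x" + "11" * 20, "0x" + "aa" * 20, "0x" + "ab" * 20
DEX, UNKNOWN = "0x" + "bb" * 20, "0x" + "cc" * 20
SAMPLE_LOGS = [
    _log(TOKEN_A, OWNER, DEX, UNLIMITED, 100),      # spender on the trusted list
    _log(TOKEN_A, OWNER, UNKNOWN, UNLIMITED, 120),  # unlimited grant, unknown spender
    _log(TOKEN_B, OWNER, UNKNOWN, 500, 130),
    _log(TOKEN_B, OWNER, UNKNOWN, 0, 140),          # later revoked
]
```

Calling `review(SAMPLE_LOGS, OWNER, trusted=[DEX])` reports only the unlimited allowance on the first token to the unknown spender; the revoked grant and the trusted spender are filtered out.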

Conclusion

The risk of “data fishing” (phishing) is a complex and increasingly widespread topic which can only be mitigated with great awareness on the part of the end user: if the fish are aware, the fishermen do not fish.