Eliya Stein
How One "Crypto Drainer" Template Facilitates Tens Of Millions Of Dollars In Theft
Our previous blog provided an overview of Web3 phishing techniques and tactics, all of which continue to be relevant despite a recent economic downturn in the crypto markets. Today, we offer a deeper dive into a specific category of Web3 phishing pages called “Crypto Drainers” and one of the more prolific actors behind them. We will see how one Crypto Drainer template was responsible for over 2,000 ETH in losses in a short period of time.
Crypto Drainers are phishing pages that lure victims into signing malicious transactions that allow the attacker to siphon their crypto and NFTs. Typically these websites piggyback off of well-known or emerging NFT projects. The websites themselves are primarily promoted via spam campaigns on social networks and Discord.
The way most crypto drainers work is relatively straightforward:
- Fake NFT minting pages with an artificial countdown to create urgency.
- Victim connects their wallet to “mint”.
- The page checks whether the victim's address owns any valuable NFTs.
- Victim signs transaction(s) to transfer ownership of NFTs.
- Victim sends a transaction to the attacker for the cost of the fake “mint”, but this transaction is not a contract interaction.
- Rinse & repeat.
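
A wallet-side pre-signing check built on the list above, as an added example that is not from the original post: it flags calldata that hands over control of tokens the user already owns, and a "mint" payment that carries no contract call. The `classifyRequest` function, the `pageClaimsMint` flag and the sample requests are assumptions constructed for illustration; the selectors are the standard ERC-721/ERC-20 ones.

```javascript
// Standard ERC-721 / ERC-20 selectors that move or delegate existing assets.
const ASSET_CONTROL_SELECTORS = {
  "0xa22cb465": "setApprovalForAll(address,bool)",
  "0x095ea7b3": "approve(address,uint256)",
  "0x23b872dd": "transferFrom(address,address,uint256)",
  "0x42842e0e": "safeTransferFrom(address,address,uint256)",
  "0xb88d4fde": "safeTransferFrom(address,address,uint256,bytes)",
};

// tx: { to, value, data } shaped like an eth_sendTransaction request.
// ctx.pageClaimsMint: hypothetical flag, true when the site presents the request as a mint.
function classifyRequest(tx, ctx = {}) {
  const data = (tx.data || "0x").toLowerCase();
  const value = BigInt(tx.value || "0x0");
  const findings = [];

  const selector = data.slice(0, 10); // "0x" + 4-byte selector
  const name = ASSET_CONTROL_SELECTORS[selector];
  if (name) {
    findings.push(`asset-control call: ${name}`);
    // setApprovalForAll: the second 32-byte argument word is the bool "approved".
    if (selector === "0xa22cb465" && data.length >= 138 &&
        BigInt("0x" + data.slice(74, 138)) !== 0n) {
      findings.push("grants an operator rights over the whole collection");
    }
  }
  // A real mint calls a contract function; a bare value transfer does not.
  if (ctx.pageClaimsMint && value > 0n && data === "0x") {
    findings.push("presented as a mint, but is a plain ETH transfer with no calldata");
  }
  return { risky: findings.length > 0, findings };
}

// Constructed sample requests (placeholder addresses, not real contracts or wallets).
const word = (hex) => hex.padStart(64, "0");
const SAMPLE_APPROVAL = {
  to: "0x" + "aa".repeat(20), value: "0x0",
  data: "0xa22cb465" + word("11".repeat(20)) + word("1"),
};
const SAMPLE_FAKE_MINT_PAYMENT = {
  to: "0x" + "11".repeat(20), value: "0x2386f26fc10000", data: "0x",
};
const SAMPLE_CONTRACT_MINT = {
  to: "0x" + "bb".repeat(20), value: "0x2386f26fc10000",
  data: "0xdeadbeef", // constructed placeholder selector for a mint function
};

for (const tx of [SAMPLE_APPROVAL, SAMPLE_FAKE_MINT_PAYMENT, SAMPLE_CONTRACT_MINT]) {
  console.log(classifyRequest(tx, { pageClaimsMint: true }));
}
```
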