The crypto space offers a wide variety of tools for the financial empowerment of individuals, but it is also fraught with dangers. Innovations such as smart contracts can make it easier to trade digital assets. But they can also be a drain on wallets.
Cryptocurrency drains are smart contracts. They can empty a wallet in a matter of minutes. These malicious smart contracts are often included in social engineering strategies, primarily phishing, to trick victims into signing fraudulent transactions.
There are a number of ways to do cryptocurrency wallet drains safely. None of them are foolproof, as part of the success of wallet drains is due to the poor security practices of the users. Operation in regulated and trusted environments greatly reduces the risks.
How Do Cryptocurrency Drains Work?
The rise of cryptocurrency drains has allowed cybercriminals to perfect their drain tools, even allowing automation of wallet identification and funds calculation. However, the basic operation of the drains is quite similar in all of the cases.
First, we have the wallet drainer: malicious code that initiates fraudulent transactions, diverting funds from victims’ wallets to those of cybercriminals. Transaction obfuscation is often part of the attack to make it harder to track.
Bait and switch is the other component. Victims must be signatories to transactions, either directly or indirectly. In order to do this, cybercriminals use a variety of tricks: they create Google ads, post malicious links on social networks, or pretend to be the official websites of exchanges or crypto projects.
Scammers even go so far as to contact victims directly. They use social engineering techniques such as forging documents and impersonating salespeople. Depending on the target, the scam can take days, weeks, or months to complete before the victim signs the transaction and gets stolen.
How to Protect Yourself from Cryptocurrency Drains?
Understanding how cryptocurrency drains work is the first step in protecting yourself from these thefts. But these are sophisticated malicious applications, programs, and smart contracts. Developed by experienced hackers, there are very powerful drains.
It is advisable to keep up with the development of these drains. Unfortunately, this is a growing market. The most important cryptocurrency drains that are offered to potential cyber criminals or experienced fraudsters are successful, even with commissions of up to 20%.
This is the case with cryptocurrency drainers like Inferno, Venom, Pink and Monkey. Most of them are offered via Telegram, where developers communicate privately with their customers. They even announced their withdrawal from the market in the case of Monkey Drainer.
Cryptocurrency Drainers: A Real Threat?
Cryptocurrency leaks are just smart contracts, blocks of code. By themselves, they are not a direct threat. In order for them to have an effect, there must be some form of interaction with the victim. That’s where the real danger comes in: the skills hackers and scammers have developed.
Obviously, lacking prevention and unawareness increases the effectiveness for drain theft. The big problem, which affects both beginners and experts, is the variety of strategies implemented by cybercriminals.
From anonymous users who share their private keys to crypto influencers like NFT God, who lost his digital assets after downloading a program from a Google ad, no one is safe from attack and theft.
The threat of wallet drains is real, but much of the success of these thefts is due to the sophisticated social engineering strategies that enable the use of the drains. The proliferation of this type of theft will result in $300 million in losses in 2023, according to Scam Sniffer.
By Leonardo Perez