Blockchain security company Scam Sniffer announced that it has detected two major phishing scammers within the Solana ecosystem. Throughout the past month, these malicious actors stole crypto assets worth $4.17 million from 3,947 users. According to Scam Sniffer, phishing scams typically involve direct transfers and exploit weaknesses in the transaction process.
Notable Methods in the Solana Network
During a phishing airdrop event discovered by Scam Sniffer on December 16, 2023, Rainbow Drainer stole crypto assets worth $2.14 million from 2,189 users. The phishing scheme involved a fake NFT airdrop event that led victims to unknowingly sign a malicious contract, resulting in the theft of their assets. The malicious actor managed to steal $464,817 worth of BONK, $173,382 worth of ZERO, $165,932 worth of USDT, and $93,266 in USDC.
Additionally, a second phishing scammer named Node Drainer began its operations through a Christmas event campaign. The malicious entity stole over $2 million from 1,762 users within two weeks. Scam Sniffer shared the following statement regarding the matter:
“An address associated with Node Drainer converted the stolen USDC assets into Ethereum via AllBridge, making over $1 million in profit.”
A hack attack conducted by Mandiant also found a connection related to Node Drainer. On December 25, 2023, alone, Node Drainer seized $638,644 worth of ANALOS, $325,432 worth of BONK, and $93,987 worth of SILLY tokens.
Phishing scams typically use airdrop events on phishing sites to deceive users, who encounter a simulated failure message upon site entry and are prompted to approve a transaction without visible details. This deceptive tactic results in users losing their assets. Last year, these wallet drainers stole approximately $300 million in crypto assets from around 324,000 users.
Beware of Scam Methods!
Meanwhile, according to Scam Sniffer, a privacy-focused web browser called DuckDuckGo is being preferred to perpetuate a phishing scam. The security firm reported that an unnamed individual lost $12,000 due to a deceptive scam advertisement on the platform.
A developer from DefiLlama, 0xngmi, confirmed that the search engine displayed a fake advertisement for the DeFi data aggregator. He explained that DeFiLlama’s URL appeared correct on DuckDuckGo. However, clicking on this URL redirected users to a malicious site, leading to the loss of their funds.
