Türkçe
Español
Blockchain security company Scam Sniffer announced that it has detected two major phishing scammers within the Solana ecosystem. Throughout the past month, these malicious actors stole crypto assets worth $4.17 million from 3,947 users. According to Scam Sniffer, phishing scams typically involve direct transfers and exploit weaknesses in the transaction process.
Notable Methods in the Solana Network
During a phishing airdrop event discovered by Scam Sniffer on December 16, 2023, Rainbow Drainer stole crypto assets worth $2.14 million from 2,189 users. The phishing scheme involved a fake NFT airdrop event that led victims to unknowingly sign a malicious contract, resulting in the theft of their assets. The malicious actor managed to steal $464,817 worth of BONK, $173,382 worth of ZERO, $165,932 worth of USDT, and $93,266 in USDC.
Additionally, a second phishing scammer named Node Drainer began its operations through a Christmas event campaign. The malicious entity stole over $2 million from 1,762 users within two weeks. Scam Sniffer shared the following statement regarding the matter:
“An address associated with Node Drainer converted the stolen USDC assets into Ethereum via AllBridge, making over $1 million in profit.”
A hack attack conducted by Mandiant also found a connection related to Node Drainer. On December 25, 2023, alone, Node Drainer seized $638,644 worth of ANALOS, $325,432 worth of BONK, and $93,987 worth of SILLY tokens.
Phishing scams typically use airdrop events on phishing sites to deceive users, who encounter a simulated failure message upon site entry and are prompted to approve a transaction without visible details. This deceptive tactic results in users losing their assets. Last year, these wallet drainers stole approximately $300 million in crypto assets from around 324,000 users.
Beware of Scam Methods!
Meanwhile, according to Scam Sniffer, a privacy-focused web browser called DuckDuckGo is being preferred to perpetuate a phishing scam. The security firm reported that an unnamed individual lost $12,000 due to a deceptive scam advertisement on the platform.
A developer from DefiLlama, 0xngmi, confirmed that the search engine displayed a fake advertisement for the DeFi data aggregator. He explained that DeFiLlama’s URL appeared correct on DuckDuckGo. However, clicking on this URL redirected users to a malicious site, leading to the loss of their funds.
