Over $4 Million Worth of Assets Stolen By Solana Wallet Drainers: Scam Sniffer
Blockchain security firm Scam Sniffer says over $4 million worth of digital assets have been stolen by Solana wallet drainers in phishing attacks in the past month.
Solana users should be vigilant for phishing attacks
In a recent report, the firm tracked multiple activities of bad actors across phishing websites that target Solana users and the evolving methods used by these sites to target vulnerable digital asset users.
1/ 🚨 Over $4M in assets have been stolen by sophisticated Solana wallet drainers, and nearly 4k users have fallen victim to these phishing attacks in the past month. pic.twitter.com/qyNQthr7Wk
— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) January 13, 2024
The activities of the listed bad actors led to about $4.17 million in asset losses from 3,947 users across several phishing campaigns as the number of phishing incidents continues to grow in the wider market.
Scam Sniffer received reports from a user about an airdrop phishing incident that involved a fake non-fungible token (NFT) offering leading to loss of assets after signing the transaction.
This model of phishing scams was carried out targeting ZERO token holders with links to fake NFT sites and subsequent deployment of links through the tokens.
Further investigation reveals that opening the links was met with a message of failed simulation, leading to the victim’s confirming the transaction, the details of which were hidden.
According to a report from Dune, approximately $2.14 million has been lost targeting 2,189 victims with tokens such as BONK, ZERO, USDT, and USDT lost.
Bad actors turn to sophisticated schemes
Per the report, scammers in the past months have resorted to a more sophisticated phishing technique used to exploit victims leading to losses amid security efforts taken by firms.
The new model spotted involved scammers accruing out phishing activities without any deployment of NFTs because the Solana network doesn’t blacklist those NFTs. Node Drainers was spotted in the links shared on X (formerly Twitter) after the social media account of Mediant was hacked, claiming to distribute Phantom tokens to users.
“The $PHNTM distribution has officially started. Our snapshot recorded over 250,000 wallets, head over to our website to check if you are eligible to claim… the amount of tokens you will receive depends on your portfolio and snap position.”
This new model wiped out about $2.02 million from the market from 1,759 users in less than two weeks raising the total figure to nearly $4 million.
While firms continue to increase efforts to block scammers, bad actors devise new schemes to divert user funds through phishing links.
“We have also noticed they self-hosted a Matomo instance and tracked each step. they are trying to track data to improve conversion rates. This also appeared in the Christmas phishing campaign targeting Bonk holders, through the transaction ID issued in their channel. We linked this to the associated on-chain data.”
Cryptonews reported the growing rate of phishing scams across 2023, leading to over $375 million in losses per Chainalysis data with firms advising users not to sign transactions unless they trust the platform.
