Singapore Authorities Raise Concerns Around Crypto Draining Kits

Cybersecurity phishing attack Singapore
Last updated:
Journalist
Journalist
Tanzeel Akhtar
Author Categories
About Author

Tanzeel Akhtar has been covering the cryptocurrency and blockchain sector since 2015. She has written for the Wall Street Journal, Bloomberg, CoinDesk, Bitcoin Magazine and Bitcoin.com.

Last updated:
Why Trust Cryptonews
Cryptonews has covered the cryptocurrency industry topics since 2017, aiming to provide informative insights to our readers. Our journalists and analysts have extensive experience in market analysis and blockchain technologies. We strive to maintain high editorial standards, focusing on factual accuracy and balanced reporting across all areas - from cryptocurrencies and blockchain projects to industry events, products, and technological developments. Our ongoing presence in the industry reflects our commitment to delivering relevant information in the evolving world of digital assets. Read more about Cryptonews

Singapore police authority and the Cyber Security Agency of Singapore have raised concerns around cryptocurrency draining kits.

In a joint statement, the authorities warned that cybercriminals are increasingly leveraging cryptocurrency drainers and targeting owners of digital wallets.

What is a Crypto Drainer?

A crypto drainer is a type of malware targeting digital wallets and works by exploiting any vulnerability. For example, when you send cryptocurrency from one wallet to another, you need to sign the transaction with your private key.

The private key is like a password that allows you to authorise transactions from your wallet. Drainers are often deployed as a phishing attack when the user is tricked into clicking a malicious link.

Although the Singaporean authorities are raising concerns, they add, “While such cases have not been observed in Singapore, members of the public should remain alert to such cyber attacks that are happening globally.”

The authorities warn of other scams which include unsuspecting victims connecting their crypto wallets to a website and then asked to authenticate their accounts using private keys and seed phrases.

Once a connection is made cybercriminals begin infiltrating cryptocurrencies out of the victim’s wallets. Another popular scam includes airdrops – the distribution of free tokens.

Drainers and Recent Hacks

In December, cryptocurrency hacking group, Pink Drainer was linked to the recent $4.4 million LINK user drain, increasing the number of their victims to 9,068 with a total of $18.7 million stolen.

Cybercrime, including impersonations, hackings and crypto-jacking in the cryptocurrency sector are common. Just last month, the US Securities and Exchange Commission (SEC) social media account, X was compromised when it posted the fake spot Bitcoin ETF approval announcement.

Here are the most common risks in the cryptocurrency sector.

Phishing Attacks:

This is when users can be tricked into revealing their private keys or login credentials through phishing emails or websites. This involves the practice of sending fraudulent communication.

Hacks and Cryptocurrency Exchanges: Cryptocurrency exchanges are often targeted for large-scale thefts. If an exchange is compromised, users’ funds can be at risk.

Third-party Applications and Software: Third-party applications are any applications that aren’t created or supported by the maker of the device the app is installed on. Hackers may find new ways to exploit bugs in third-party software to retrieve sensitive information.

Wallet Vulnerabilities: Malicious actors can exploit vulnerabilities in cryptocurrency wallets to steal funds.

Smart Contract Flaws: Vulnerabilities in smart contracts can be exploited to drain funds from decentralized applications (dApps) or blockchains.

Ponzi Schemes: Fraudulent schemes promising high returns can deceive users into investing their cryptocurrencies, resulting in significant losses.

Social Engineering: Manipulating individuals to disclose sensitive information or transfer funds through social engineering tactics is another risk. Social engineering isn’t a direct cyber-attack. It is when actors with bad intentions gain the trust of their targets, so they lower their guard and give up sensitive information.

Insider Threats: Employees or individuals with insider access to sensitive information can misuse their privileges to steal funds or sensitive information.

Mitigating Cybersecurity Risks: To mitigate these risks, users and organizations should adopt best practices, such as using hardware wallets, keeping software up-to-date, and conducting thorough due diligence before investing or participating in cryptocurrency transactions.

Setting up 2FA is an important first step for security because it immediately neutralizes the risks associated with compromised passwords.

 

More Articles

Altcoin News
Ethereum (ETH) Slides Under $2,600 – Is a Rebound Coming?
Joel Frank
Joel Frank
2025-02-11 20:40:16
Blockchain News
What’s Happening in Crypto Today? Daily Crypto News Digest
Sead Fadilpašić
Sead Fadilpašić
2025-02-11 20:06:47
Crypto News in numbers
editors
Authors List + 66 More
2M+
Active Monthly Users Around the World
250+
Guides and Reviews Articles
8
Years on the Market
70
International Team Authors