A wallet draining scam linked to phishing campaigns on Google and X has stolen an estimated $58 million from victims over nine months.
Posted December 22, 2023 at 1:17 am EST.
Phishing scams have ramped up their operations over the last few months, stealing millions of dollars’ worth of crypto through malicious ads on popular platforms like Google and X.
According to an analysis by Scam Sniffer, a wallet drainer malware script was linked to phishing campaigns that drained around $58 million from 63,000 victims over the last nine months.
🚨1/ Alert: A ‘Wallet Drainer’ has been linked to phishing campaigns on Google search and X ads, draining approximately $58M from over 63K victims in 9 months. pic.twitter.com/ye3ob2uTtz
— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) December 21, 2023
A wallet drainer works by tricking users into authorizising malicious transactions that end up draining the assets in their crypto wallets. This typically happens when users click malicious links in false advertisements that are actually phishing scams.
Some examples of these recent phishing scams that utilize the wallet drainer include a cluster of X phishing ads called “Ordinals Bubbles” and fraudulent links to popular crypto platforms like DeFiLlama and Lido.
These phishing ads have turned even more sophisticated, employing redirect tricks that appear legit as official domains, but actually lead to phishing websites.
8/ Analysis shows this wallet drainer stole about $58.98 million from 63,210 victims in 9 months through associated addresses.https://t.co/um9n53GFqN
— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) December 21, 2023
“By targeting specific audiences through Google search terms and the following base of X, they can select specific targets and launch continuous phishing campaigns at a very low cost,” said Scam Sniffer.
Unlike other wallet drainers that charge a 20% fee of the scammers profits, the developers of this malware sell the source code for a flat fee and additional value-added modules as extras.
The frequency of wallet draining scams appears has increased over the last few months, with the perpetrators behind the software largely remaining anonymous. Last month, Unchained reported that “malware-as-a-service” platform Inferno Drainer had shut down after helping scammers steal $70 million worth of crypto.