Crypto Drainers Plague the Entire Blockchain Landscape

May 27, 2024

As the cryptocurrency market evolves, so do the tactics employed by malicious actors aiming to steal user funds. One of the latest threats, known as crypto drainers, has been increasingly prevalent in recent years. Unlike traditional methods such as private key theft and smart contract exploitation, drainers pose as web3 projects to deceive victims into granting them control of their crypto wallets. These scams have affected a wide range of users, including high-profile figures like Mark Cuban and Seth Green. The amounts stolen can be staggering, with some drainers reportedly syphoning off millions of dollars from their victims. Recently, Chainalysis provided detailed insights into the workings of crypto drainers.

Understanding How Crypto Drainers Operate

A crypto-drainer is essentially a phishing tool tailored for the Web3 ecosystem. Instead of stealing usernames and passwords, the operators of these scams disguise themselves as legitimate Web3 projects. They lure victims into connecting their crypto wallets to the drainer and approving transaction proposals, which effectively grants the scammers control over the funds in the victims' wallets. Once the attack is successful, the drainers can instantly steal the users' funds. These fraudulent web sites are often promoted within Discord communities and through compromised social media accounts.

The Impact of Crypto Drainers on the Crypto Ecosystem

Determining the total amount stolen by crypto drainers is challenging due to underreporting, but available data suggests that these scams are significant in scale. The quarterly growth rate in the value stolen by drainers has even outpaced that of ransomware, another rapidly growing category of cybercrime. After stealing digital assets, the criminals typically use various crypto services to launder the funds or convert them into cash. Since 2021, there has been a noticeable increase in funds sent by drainers to mixing services, while funds sent to centralised exchanges have decreased. Some drainers also use gambling services, albeit on a smaller scale.

Bitcoin's Encounter with Crypto Drainers

While most drainers operate within the Ethereum ecosystem, an unusual drainer exploiting the Bitcoin blockchain has been identified. This drainer created a fake web page posing as Magic Eden, the primary NFT platform for Bitcoin Ordinals. As of April 2024, this drainer has allegedly stolen approximately $500,000 in over 1,000 malicious transactions. Despite Bitcoin not being as widely used for web services as other assets, several other Bitcoin drainers have already targeted the ordinary trading community.

Preventing Crypto Drainer Attacks

As the operators of crypto drainers become increasingly sophisticated, it is crucial for Web3 projects and users to implement various security measures to guard against these scams. Web3 security extensions, such as Wallet Guard, can identify phishing pages and websites and assess the security risks associated with cryptocurrency wallets. Users can also reduce their exposure to drainers by using an offline wallet to store valuable or large volumes of assets and transferring funds to a hot wallet only when necessary. Additionally, users should be cautious of links promoted in chat rooms or on social media, which may not be associated with a project's official account. If a user needs to connect to an unfamiliar web site, they can create a temporary wallet that doesn't contain any assets and connect it to the site. If a victim's assets are stolen by a drainer, they can cancel incomplete transactions to mitigate losses.