Scammers Drain $3 Million From Crypto Users in Fake Website Holiday Scam

Cybercriminals stole over $3 million in cryptocurrency from unsuspecting victims this Christmas season through fake cryptocurrency websites, according to threat intelligence firm Scam Sniffer.

How the scam worked

The fraudulent sites were promoted via Google search ads, impersonating popular crypto platforms like Zapper, Lido, and DefiLlama. Victims who visited these phony websites were deceived into authorizing transactions that drained their crypto wallets.

The scam, known as a wallet-draining scam, exploits the token approval process on blockchain networks. Scammers used MS Drainer, a piece of wallet-draining malware, to automate the unauthorized withdrawal of crypto assets from victims’ wallets.
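A wallet user or security tool can inspect what an approval request actually grants before it is signed. The sketch below is an added example, not code from Scam Sniffer or from this article. It assumes "token approval" means the standard ERC-20 `approve` and ERC-721/1155 `setApprovalForAll` calls. The function name, risk labels, threshold and addresses are constructed for illustration.

```python
# Added example: pre-signing check for token-approval calldata (not from the article).
# Assumption: "token approval" means the standard ERC-20 approve(address,uint256)
# and ERC-721/1155 setApprovalForAll(address,bool) calls.

APPROVE = "095ea7b3"               # selector of approve(address,uint256)
SET_APPROVAL_FOR_ALL = "a22cb465"  # selector of setApprovalForAll(address,bool)
UNLIMITED_FROM = 1 << 255          # heuristic: amounts this large are effectively unlimited

def inspect_calldata(data_hex, trusted_spenders):
    """Classify calldata a site asks the wallet to sign; returns a dict."""
    data = data_hex.lower().removeprefix("0x")
    selector, args = data[:8], data[8:]
    if selector not in (APPROVE, SET_APPROVAL_FOR_ALL):
        return {"kind": "other", "risk": "not-an-approval"}
    # Both calls take exactly two 32-byte ABI words (64 hex chars each).
    if len(args) != 128 or any(c not in "0123456789abcdef" for c in args):
        return {"kind": "malformed", "risk": "reject"}
    word1, word2 = args[:64], args[64:]
    if word1[:24] != "0" * 24:  # an address is left-padded with 12 zero bytes
        return {"kind": "malformed", "risk": "reject"}
    spender = "0x" + word1[24:]
    value = int(word2, 16)
    known = spender in {s.lower() for s in trusted_spenders}
    if selector == APPROVE:
        kind = "erc20-approve"
        broad = value >= UNLIMITED_FROM
    else:
        kind = "set-approval-for-all"
        broad = value != 0  # true grants the operator every token in the collection
    if value == 0:
        risk = "revocation"
    elif not known:
        risk = "high" if broad else "review"
    else:
        risk = "review" if broad else "low"
    return {"kind": kind, "spender": spender, "value": value, "risk": risk}

# Constructed sample inputs (addresses are made up for illustration).
TRUSTED = ["0x" + "11" * 20]
UNKNOWN_SPENDER = "22" * 20
UNLIMITED_APPROVE = "0x" + APPROVE + "0" * 24 + UNKNOWN_SPENDER + "f" * 64
BOUNDED_APPROVE = "0x" + APPROVE + "0" * 24 + "11" * 20 + format(1000, "064x")

if __name__ == "__main__":
    for sample in (UNLIMITED_APPROVE, BOUNDED_APPROVE):
        print(inspect_calldata(sample, TRUSTED))
```

An unlimited allowance to an address outside the user's own allowlist is the case this check rates highest. A zero amount is reported as a revocation.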

Large scale operation

Scam Sniffer reported that the scammers bypassed Google ad screening with regional targeting and frequent changes of landing pages. Over 10,000 fraudulent sites linked to MS Drainer were identified, with peak activity in November.

MS Drainer was sold on hacking forums for $1,499, offering scammers a wallet-draining service with fixed upfront fees, without taking a cut of the profits.

Increased attacks on crypto users

Wallet-draining attacks in decentralized finance have increased, with notorious tools like Inferno and Monkey Drainer being used to steal millions in cryptocurrency. The latest scam highlights the need for heightened vigilance among crypto investors and improved security measures by digital advertising platforms.

The case emphasizes the persistent threat of cybercriminals targeting cryptocurrency owners, especially during holiday seasons when more people may let their guard down.


