Over the past 24 hours, one of the most popular scammers in the NFT and crypto industry, "Monkey Drainer," stole approximately $1 million, or 700 ETH from various wallets. Two of the biggest victims are wallets ending in 0x02a and 0x626, which collectively lost $370,000.
The main instrument used by the scammer is phishing. Technically, blockchain and noncustodial wallets remain safe and sound and the only way of getting access to funds stored in them.
2/ The two largest victims over the past day include 0x02a & 0x626 who collectively lost $370k from signing transactions on malicious phishing sites operated by monkey drainer such as the ones below. pic.twitter.com/HRwmP08UWn
— ZachXBT (@zachxbt) October 25, 2022
The most common way of accessing NFTs is through phishing links. Users usually receive malicious contents in their email, proceed to a link and then type in sensitive data enough for hackers to access their wallets.
Luckily, some transactions were rejected by the network, thanks to the fact that Drainer's wallets have been marked and are now rejected by the majority of validators. ZachXBT issued a warning about the method used by the scammer.
The only way to protect funds, users should abstain from visiting unknown sites that allow them to connect their wallets and sign any kind of transaction. Even a transaction that looks like a simple transfer might become the key to NFTs or other assets contained in wallets.
Two of the biggest examples were phishing websites covered as AirDrop pages of popular projects like Aptos and RTFKT. Thanks to the hype around Aptos, users were looking for a way to increase their APT holdings by getting some free tokens. After proceeding to the website and entering their wallet's address and signing transactions, scammers had access to their funds.
It is not clear if Drainer has access to any other wallets, so new fraudulent transactions may appear on the network in the future.
Gamza Khanzadaev
Godfrey Benjamin
Denys Serhiichuk