Crypto wallet drainers, or sweepers, are malicious smart contracts that can quickly empty a crypto wallet of its funds and are a standard tool for phishing scammers.
Four major crypto drainers have emerged to fill the vacuum left by the notorious wallet sweeper Monkey Drainer, with thousands of victims targeted and millions in crypto stolen already this year.
The crypto drainers — called Pink Drainer, Inferno Drainer, Pussy Drainer, and Venom Drainer — have together stolen $66.4 million in total since around the start of 2023 according to Dune dashboards complied by Web3 anti-scam platform Scam Sniffer.
Venom Drainer has stolen nearly $27.5 million since February, the most out of the group. Inferno Drainer is second with over $21.2 million stolen since January but has three times the number of victims at nearly 45,800.
Pussy Drainer and Pink Drainer together have been used to steal from over 6,000 victims with $17.5 million in funds pilfered across the two. Monkey Drainer was estimated to have stolen about $13 million worth of digital assets in total during its reign.
Crypto drainers work by having the victim unknowingly agree to a malicious transaction in their crypto wallet that allows a smart contract to transfer out a portion of assets or the entire contents of the wallet, depending on the transaction that was signed.
Scam Sniffer told Cointelegraph that most crypto drainers are rented out to groups undertaking phishing scams and the drainer takes a percentage cut of the loot.
Many operate on this pricing model but some have an additional access fee. Blockchain security firm CertiK explained that Inferno — like many other drainers — “has a 20% commission” while Venom has “introduced an initial $1,000 fee” for first-time users.
Scam Sniffer said some draining services advertise “add-ons” such as including malicious signature requests that emulate popular nonfungible token (NFT) marketplaces such as Blur and X2Y2.
“In the NFT space, there are a lot of protocols that use unreadable signatures like Seaport, Blur and X2Y2,” Scam Sniffer explained. “If the victims have assets on Blur, the drainers could launch particular malicious signatures to steal NFTs approved to trade on Blur.”
3/ Blur’s bulk listing requires users to sign a Root, which is unreadable for users. this Root is the Merkle Tree Root generated by multiple Order hash. pic.twitter.com/RxAsJp0Urv
— Scam Sniffer (@realScamSniffer) June 26, 2023
Not all drainers are around forever though. According to Scam Sniffer, once the person or people behind a drainer steal a certain amount of funds, they will announce they’re quitting — likely an attempt at staving off law enforcement.
Related: Crypto scams are going to ramp up with the rise of AI
However, it added as one crypto drainer leaves another takes its place “because it’s profitable! […] And no one has been arrested so far.”
The are currently multiple crypto-draining services making the rounds on Telegram. CertiK shared images with Cointelegraph showing other drainers named Angel, Spawn, Whale and Atomic.
In March, the crypto-draining service Monkey Drainer announced they were “shutting down” saying it was “time to move on to something better.”
The person behind Monkey Drainer pointed their “fellow cyber-gangsters” to Venom, touting it as a “flawless” service.
Magazine: Should you ‘orange pill’ children? The case for Bitcoin kids books