Solana Wallet Drainers Deploy New Strategy To Appear Trustworthy

It seems that crypto scammers have devised new strategies to dupe the innocent. Solana (SOL) wallet drainers are trying their best to look legitimate and trustworthy so even the ones who have stayed alert against these scams can be targeted. Recently, these fraudsters have created vanity addresses to promote their legitimacy and leverage profits from the Solana community.

What Is Wallet Drainers’ New Strategy?

According to a post on X by Scam Sniffer, a platform that reveals Web3 scams, drainers targeting the Solana ecosystem are generating vanity addresses that end with ‘11111’. The post read, “Solana wallet drainers are now creating vanity addresses that end in ‘11111’ to appear trustworthy.” To prove the claim, Scam Sniffer attached a snapshot wherein the wallet address, eWxJC…11111, was highlighted.

This update comes after these scammers extended their way into the Ethereum (ETH), Solana, and Tron (TRX) ecosystems. Earlier, Coingape reported that crypto wallet drainers have been engaging in an airdrop scam. In a recent post on X, Scam Sniffer unveiled that these fraudsters have expanded their reach into ETH, SOL, and TRX communities.

The fake airdrop was marketed as an “exclusive opportunity” for crypto enthusiasts. Moreover, the airdrop scam aimed to lure people into connecting their wallets to receive ETH, SOL, and TRX rewards.

Given the popularity and reputation of these crypto networks, it can be estimated that several people could have been victims of the phishing scam. Moreover, now the situation has worsened since crypto hackers are not leaving any opportunity to brand themselves as ‘legitimate’.

Also Read: Scam Alert: Crypto Hackers Lure Ethereum, Solana & Tron Communities Into Fake Airdrop

Over $900K Solana Lost In Wallet Drainer Scams

On January 3, 2024, Mandiant’s X account was compromised, leading to the distribution of links to a cryptocurrency drainer phishing page. The cybersecurity firm reclaimed access to the account within a few hours. Thereafter, the company released information regarding the CLINKSINK drainer used in the attack.

According to Mandiant’s report, since December 2023, several scammers have employed the CLINKSINK drainer in campaigns targeting Solana users. These drainers acted as scripts or smart contracts and exploited victims by tricking them into approving transactions. This results in massive fund or token losses.

The release noted that identified campaigns involved 35 affiliate IDs associated with a drainer-as-a-service (DaaS). The DaaS operators supply scripts to affiliates for a 20% share of stolen funds. Furthermore, the more than $900,000 worth of SOL has been lost in such Solana scams

In observed campaigns, the crypto scammers utilized social media and chat apps like X and Discord to distribute CLINKSINK-themed phishing pages, luring victims with fake token airdrop rewards. These pages mimicked legitimate cryptocurrency resources like Phantom and DappRadar. Victims. Hence, the victims connected their wallets and unknowingly signed transactions for the fake airdrop, allowing the CLINKSINK drainer to siphon their funds.

Also Read: CoinGecko Hit by Phishing Scam; Users Warned of Fake Airdrop