An escalating cyber threat has hit the digital currency landscape as a group of cybercriminals, dubbed “Pink Drainer,” pulled off a series of high-profile phishing attacks, resulting in nearly $3 million in stolen cryptocurrency.
Victims pile up in the thousands, with the Mainnet and Arbitrum chains the most heavily exploited. The Web3 fraud detection platform ScamSniffer has been closely monitoring the group's activities, revealing an intricate modus operandi.
“Through the analysis of stolen data on Mainnet, Arbitrum, BNB, Polygon, Optimism, and other chains, we found that the gang has stolen about $3 million in assets and has almost 1,932 victims,” reads ScamSniffer’s security advisory.
The hackers have been mimicking journalists from reputable crypto-centric publications like Decrypt and Cointelegraph.
With this disguise, they lure unsuspecting victims into mock interviews, at the end of which they ask for a KYC (know your customer) validation, leading the victims to deceptive websites harboring phishing scripts.
These scripts are designed to pilfer Discord authentication tokens, allowing the perpetrators to take over the victims' Discord accounts without needing traditional credentials or two-factor authentication codes.
Analysts suspect that the hackers may adapt their strategy depending on their targets, “for example, by guiding Discord administrators to open a malicious Carl verification bot and guiding them to add bookmarks containing malicious code,” ScamSniffer analysts explain. “After successfully obtaining permissions, hackers will also take a series of measures to make the entire attack process last longer.”
Threat actors take a series of extra steps to ensure their persistence on the compromised accounts, including removing other administrators, committing violations on the main account to attract a Discord ban, and giving administrator privileges to a rogue account.
This aggressive crypto-draining campaign raises the stakes in the cybersecurity landscape, highlighting a glaring vulnerability in widely used communication platforms like Discord.
Among the myriad of victims is an unfortunate individual who was deprived of $327,000 worth of Non-Fungible Tokens (NFTs) in a single incident. Renowned entities have also been caught in the crosshairs of the Pink Drainer group, including Steve Aoki, LiFi, Flare Network and Starknet.
Despite ongoing investigations and monitoring by platforms like ScamSniffer, Pink Drainer remains active, casting a long shadow over the cryptocurrency ecosystem. This underscores the pressing need for crypto users to exercise caution and constantly enhance their cybersecurity protocols.
Unfortunately, the opportunities for growth and innovation offered by the cryptocurrency sector are also attracting an influx of cyber threats.
It has now become more critical than ever for cybersecurity entities, regulatory bodies, and individuals to collaborate in mitigating these risks and ensuring a safer online environment.
Using specialized software such as Bitdefender Ultimate Security can help you avoid phishing attempts and other cyberthreats. Key features include:
Vlad's love for technology and writing created rich soil for his interest in cybersecurity to sprout into a full-on passion. Before becoming a Security Analyst, he covered tech and security topics.