Solana Shock: $4M Crypto Heist Exposed In Web3 Scam

Over the past month, Solana [SOL] users have fallen victim to significant crypto theft, with malicious actors making more than $4 million, according to a detailed investigation by Scam Sniffer, a Web3 anti-scam platform.

Read the full article:https://t.co/oa1vvbcqS4
— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) January 13, 2024

The investigation managed to uncover a somewhat complex phishing scheme that targeted around 400 who were the victims of Solana users. In this alarming episode, investigators tracked down two primary culprits. However, there are two sides to this key team: Rainbow Drainer and Node Drainer.

First, the event occurred at a point when an individual surfed inadvertently by going through a phishing website associated with a fake, non-fungible token airdrop. Therefore, the user lost assets while signing a malicious transaction, venturing further to open the website and falling for it. Rainbow Drainer still used this modus opened, by which more than one user lost their funds.

Incredibly, the system alerted the user that a simulation had failed before completing the transaction. In spite of this caution, they moved ahead, losing about 2.14 million advantages to include prominent Solana biological systems like BONK and ZERO at that point.

$2M Stolen, Node Drainer Strikes Solana

Another phishing incident emerged during the Christmas period, specifically targeting BONK holders. Over $2 million was extracted in less than two weeks, and one address linked to Node Drainer has already accumulated over $1 million in profit.

Scam Sniffer also revealed that Node Drainer was involved in the recent hacking of Mandiant’s X (formerly Twitter) account, indicating a connection between various cyber threats.

As you likely noticed, yesterday, Mandiant lost control of this X account which had 2FA enabled. Currently, there are no indications of malicious activity beyond the impacted X account, which is back under our control. We'll share our investigation findings once concluded.
— Mandiant (@Mandiant) January 4, 2024

Unlike Ethereum [ETH], Solana’s phishing incidents involve direct transfers. Despite Solana’s support for transaction simulation, advanced hacking strategies, including anti-simulation and fake simulation, continue to deceive users.

Previous reports from Scam Sniffer warned of the monthly escalating number of phishing websites, aligning with the growing prevalence of wallet drainer services. The platform highlighted the importance of user caution during airdrops, urging thorough research into projects and investors. It also advocated for adherence to official sources to prevent falling victim to scams.

Furthermore, the author’s views are for reference only and shall not constitute investment advice. Before purchasing, please ensure you fully understand and assess the products and associated risks.