NFT drainers, such as Inferno and Venom, initiate phishing attacks through Discord servers and Twitter accounts. The result has been the theft of $73 million through the theft of approximately 32,000 wallets. In the process, it has affected a total of 900 Discord servers. If numbers are considered, there has been a total theft of roughly $73 million of NFTs and tokens.
Recently, a Discord moderator was approached by a supposed journalist who requested a form-filling exercise. Through this, he was able to make an entry into the Discord server and take complete control. A declaration was made regarding a false airdrop, which witnessed everyone shifting to a phishing site. The resultant factor was that the hacker managed to siphon off NFTs as well as tokens equivalent to one million dollars.
The general modus operandi is to buy drainer codes from developers. This is carried out on Telegram as well as Discord. The resultant factor is that the servers get affected and, through false websites, siphon off NFTs.
The perpetrators behind these attacks often purchase drainer code from developers on Telegram and Discord, using it to compromise servers and advertise fake websites to steal NFTs. Surprisingly, many of these attackers are young individuals. While law enforcement’s interest in catching these attackers is lacking, steps can be taken to protect against such attacks, such as using security-focused wallet extensions and practicing safe storage and usage of wallets.
According to Plum, a security researcher, the surprising fact is that roughly 90% of the hackers are under eighteen years of age. The fact that most of the attacks occur during the summer break is attributed to this reason. The siphoned-off money is then splurged on personal items, prioritizing the Roblox skins.
In some cases, the youngsters forward their own details to people from under-developed countries and get listed on the exchanges to remain under the radar. In the case of North Korea, they are known to use their own drains.
Monkey was the initial NFT drainer. They managed to walk off with a total of 2,200 NFTs worth $9.3 million, with an additional $7 million in the form of tokens. After a while, they went off the air, and in their place came Venom. It left 15,000 victims affected. They utilized a total of 530 phishing sites. Following this was Inferno, as well as Pussy.
However, in the case of the drainer Pink, Fantasy, a security professional and co-founder of a crypto security company called BlockMage, believed it was more new-age and more sought-after. Upon a closer look at the source of funding, it turned out that BlockDev was involved. However, from his point of view, the modus operandi of the drainers remains the same, with a couple of twists here and there. As per Plum, the solution lies in safety-oriented wallet extensions, which are effective for safeguarding wallets. It is also wise to utilize and store various wallets in cold wallets.