Phishing scammer Monkey Drainer has pilfered as much as $1M in Ethereum

Published at: Oct. 27, 2022

An alleged phishing scammer going by the pseudonym “Monkey Drainer” has reportedly swiped around $1 million worth of Ether (ETH) via dubious copycat NFT minting websites this week. 

Well-known blockchain sleuth ZachXBT was one of the first to track and highlight the activity, outlining on Oct. 26 that:

“Over the past 24 hrs ~700 ETH ($1m) has been stolen by the phishing scammer known as Monkey Drainer. They recently surpassed 7300 transactions from their drainer wallet after being around for only a few months.”

“The two largest victims over the past day include 0x02a & 0x626 who collectively lost $370k from signing transactions on malicious phishing sites,” ZachXBT added.

The blockchain scam investigator also went on to assert that longer term, Monkey Drainer has allegedly stolen more than $3.5 million from their schemes, with “that number rapidly increasing by each day.”

6/ Please be extra diligent before visiting unknown sites, connecting your wallet, and signing transactions.Am still away on holiday for another week or so but wanted to get this post out as my bot notifications have been blowing up from this.

— ZachXBT (@zachxbt) October 25, 2022

Phishing scams often involve criminals sharing links to websites impersonating real projects or companies designed to dupe victims into handing over private credentials by offering an exciting buying opportunity or free promotion.

Four addresses, in particular, have been flagged relating to Monkey Drainer, including the monkey-drainer.eth address.

Upon searching these addresses on blockchain community-driven Web3 security network Chainabuse, it currently shows a long list of reports relating to airdrop scams, NFT scams, and phishing attacks.

The reported incidents include airdrop scams via the Astrobot Society discord channel, a Fake Wolf Game and Bored Ape Yacht Club marketplace, and a fake Aptos Airdrop to name a few.

Web3 security community Wallet Guard also responded to ZachXBT’s Twitter thread and stated that it had “spotted several other mint sites recently created” that had Monkey Drainer on the backend, including a fake Garbage Friends whitelist link that was a phishing website.

Related: FTX to give a ‘one-time’ $6M compensation to phishing victims

ZachXBT has become a respected independent blockchain investigator over the past couple of years, bringing to light a lot of nefarious behavior in the space.

Earlier this month, the deputy chief of France’s national cyber unit Christophe Durand even cited ZachXBT’s work for helping officials track phishing scams of five people suspected of stealing $2.5 million worth of NFTs.

Tags
Nft
Related Posts
Battle of the bots: WTF token launch drains 58 ETH
Fees.wtf is a simple service that shows Ether (ETH) users their lifetime spend on Ethereum blockchain transactions by measuring gas. You plug in your wallet address on their website and they tell me how much gas you spent. The project released their token, WTF, in an airdrop Friday at midnight. Essentially, users would be able to claim WTF tokens as well as a “Rekt” NFT for 0.01 ETH. The Rekt NFT grants lifetime access to the pro version of fees.wtf. According to their Discord announcement, the initial launch would offer 100 million of WTF and the “circulating supply will be …
Blockchain / Jan. 14, 2022
MetaMask warns Apple users over iCloud phishing attacks
ConsenSys-owned crypto wallet provider MetaMask has sent out a warning to the community regarding Apple iCloud phishing attacks. The security issue for iPhone, Mac and iPad users is related to default device settings which see a user’s seed phrase or “password-encrypted MetaMask vault” stored on the iCloud if the user has enabled automatic backups for their application data. In a Twitter thread posted on Monday, MetaMask noted that users run the risk of losing their funds if their Apple password “isn’t strong enough” and an attacker is able to phish their account credentials. To fix the issue, users can disable …
Blockchain / April 18, 2022
Bored Ape Yacht Club NFTs stolen in Instagram phishing attack
As told by Bored Ape Yacht Club (BAYC) developers on Monday, hackers breached the popular nonfungible token (NFT) collection’s official Instagram page and shared links to a fake airdrop with the project’s followers. Crypto enthusiasts who connected their MetaMask wallets to the scam website were subsequently drained of their Ape NFTs. It appears that the attack was planned to coincide with the one-year anniversary of the launch of the BAYC collection, thus increasing the “perceived credibility” of the phishing link. Unconfirmed reports on social media indicate that approximately 100 NFTs were stolen during the phishing attack. Based on data from …
Adoption / April 25, 2022
Google Ads-delivered malware drains NFT influencer’s entire crypto wallet
An NFT influencer claims to have lost “a life-changing amount” of their net worth in nonfungible tokens (NFTs) and crypto after accidentally downloading malicious software found in a Google Ad search result. The pseudo-anonymous influencer known on Twitter as “NFT God” posted a series of tweets on Jan. 14 describing how his “entire digital livelihood” came under attack including a compromise of his crypto wallet and multiple online accounts. Last night my entire digital livelihood was violated. Every account connected to me both personally and professionally was hacked and used to hurt others. Less importantly, I lost a life changing …
Blockchain / Jan. 16, 2023
Moonbirds creator Kevin Rose loses $1.1M+ in NFTs after 1 wrong move
Kevin Rose, the co-founder of the nonfungible token (NFT) collection Moonbirds, has fallen victim to a phishing scam leading to more than $1.1 million worth of his personal NFTs stolen. The NFT creator and PROOF co-founder shared the news with his 1.6 million Twitter followers on Jan. 25 asking them to avoid buying any Squiggles NFTs until they manage to get them flagged as stolen. I was just hacked, stay tuned for details - please avoid buying any squiggles until we get them flagged (just lost 25) + a few other NFTs (an autoglyph) ... — KΞVIN R◎SE (,) (@kevinrose) …
Blockchain / Jan. 26, 2023