Blockchain security firm Scam Sniffer has identified two significant phishing scammers within the Solana ecosystem, responsible for stealing $4.17 million in crypto assets from 3,947 users over the past month. The phishing scams typically involve direct transfers and exploit weaknesses during transaction processes.
The first scam, discovered during a fake NFT airdrop event on December 16, 2023, named Rainbow Drainer, swindled 2,189 users out of $2.14 million. Victims unknowingly signed a malicious contract, leading to the theft of their assets, including various cryptocurrencies such as BONK, ZERO, USDT, and USDC.
A second scammer, Node Drainer, initiated its scheme through a Christmas event campaign, stealing over $2 million from 1,762 users within two weeks. An associated address with Node Drainer converted stolen USDC assets to Ethereum via AllBridge, making over $1 million in profit.
Node Drainer was also linked to a hack attack conducted by Mandiant, capturing significant amounts of ANALOS, BONK, and SILLY tokens on December 25, 2023. Phishing scams often use airdrop events on phishing sites to deceive users, leading to asset loss.
Scam Sniffer warns that the privacy-focused web browser DuckDuckGo is being used to perpetuate phishing scams, with one individual losing $12,000 due to a deceptive ad. Additionally, a developer from DefiLlama confirmed the display of a fake ad for their DeFi data aggregator on DuckDuckGo, redirecting users to a malicious site and draining funds.