The hacker delivered phishing links to victims after posing as journalists from reputable media organizations. As soon as victims clicked on the fraudulent links and followed the instructions, they lost their valuables. The criminals seem to have gotten away with nearly $3 million from 1,932 victims, according to a review of stolen cash on Mainnet, Arbitrum, BNB, Polygon, Optimism, and Other Chains.
According to victims’ reports of the breach events, access seems to have been acquired via meticulously constructed social engineering assaults that resulted in Discord token thefts.
Pink Drainer has also been responsible for multiple NFT thefts in recent months. Blur, an NFT marketplace, does not often provide private postings. Each user on the site may complete any listing. Pink Drainer, on the other hand, has discovered a method to buy products on Blur for almost no Ether (ETH). This is accomplished by making use of the royalties system in a novel way.
Arbitrage bots would often outrun a fraudster who duped a victim into generating a Bogus listing for the smallest amount of ETH. These bots are prepared to spend the majority of the NFT’s worth in fees to block validators, ensuring the acquisition for themselves. This is not a great environment for phishing hackers like Pink Drainer.
Scammers have been known to phish signatures in order to advertise products over the floor price, with their own address specified as the royalty receiver receiving 100% royalties. Pink Drainer, on the other hand, has taken this notion a step further.
Pink Drainer assigns a royalty recipient 100% royalties, but instead of assigning the recipient to themselves, they assign the recipient to a contract. For any transaction in which Pink Drainer is not the originator, this contract reverts.
DISCLAIMER: The information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.