The co-founder and CEO of a startup cryptocurrency wallet said he lost $125,000 in crypto in a scam, becoming among the latest victims of the growing threat of wallet drainer malware that one cybersecurity firm stole almost $300 million from more than 320,000 victims last year.
In this case, Bill Lou wrote in a lengthy post on X that he clicked on what he thought was a legitimate link in a - since removed - article on Medium that sent him to a site where he was asked to sign a message on his MetaMask wallet.
He believed he was claiming a legitimate LFG airdrop - airdrops are marketing tools designed to promote cryptocurrency projects, sometimes by giving away smaller amounts of tokens or crypto - that launched this week.
Wallet draining malware is deployed via phishing schemes that trick users into signing malicious transactions, enabling the bac actors to steal assets from crypto wallet.
The schemes can include not only airdrop phishing campaigns, but also scam ads, front-end attacks like DNS and supply chain attacks, and hacks on messaging sites like X and Discord.
For threat groups, it can be a lucrative venture for groups that sell wallet drainer services, which can demand a 20% fee on what those services bring in.
Given that, it's not surprising that there are hackers that are eager to get in on the scams.
Monkey Drainer was exposed by digital detective outfit ZackXBT after being in operation for six months, with Venom Drainer quickly taking over most of the group's clientele and pulling in $27 million in stolen crypto, Scam Sniffer said.
In the case of Nest Wallet's Lou, he apparently was among a number of people hit up by the LFG scam.
Others recounted their own experience losing crypto to scams.
That said, Lou wrote he could only blame himself for his carelessness, noting that at the time he clicked on the malicious link, it was late at night.
This Cyber News was published on securityboulevard.com. Publication date: Fri, 05 Jan 2024 17:43:05 +0000