NFT Drains and Fake Airdrop Scam Steal Over $110K in Minutes

• NFT malicious approvals lead to a shocking $18K asset theft
• Fake airdrop contracts steal $92K ETH via Blind Signatures
• Re-deply all old approvals and verify domains to stay safe.1

NFT and crypto scams in recent years have led to losses of over $110,000 through malicious approvals and blind signatures. This week, Web3 Antivirus discovered 2 significant wallet drain attacks. 

Offenders swindled rare NFTs and large amounts of Ethereum out of their victims by being tricked by elaborate scams.

In the initial instance, NFTs worth approximately 18,000 dollars were the subject of an attack. With a malicious contract approval, attackers wiped out valuable Plooshy #565 and several Lil Pudgys NFTs governance operations on the victim’s pursuit. The fraud consisted of a multicall exploit over several scam-controlled addresses.

NFT drains and multicall expose flow through Blind Signatures

Source – X

Web3 Antivirus on X reported that several prized NFTs were sold in a few seconds out of the wallet of the unlucky victim (0x3f4a…). The fraudsters took advantage of malicious approval to skip normal security, allowing contract access to the tokens with no restrictions. 

This is a during-transfer strategy that enables assets to be transferred without the need for additional consent from the user.

These wallets (0xac82…, 0xb1f9…) that scammed it with the multicall functionality performed the draining of funds systematically and without detection. Analysts caution against blind approvals/agreements that create the opportunity to indulge in this type of abuse, insisting that contract verification must be done thoroughly.

Scalper Pseudocross airdrop Contract Snatches 92K ETH

Source – X

In another related elapse, one victim lost nearly 100,000 dollars in ETH. A blind signature was needed by the wallet in order to interact with a fake airdrop contract named Cross Airdrop. The wallet was emptied by scammers when it was signed.

Web3 Antivirus warned about the risk of blind signatures, particularly on red-flag airdrop sites.  They recommended the field to users to check the authenticity of the domain and invalidate stale contract approvals. This fast heist took a $22 ETH out of the wallet (0x1142…) of the victim.

Analysts observe that scammers are increasingly using a combination of traditional techniques and smart contract bugs. Hackers spoof NFT approvals and use sham airdrop approaches to overcome consumer safeguards. 

These malware attacks are aimed at targeting naive users who innocently believe in connection with suspicious web3 interactions.

Blockchain security sources affirm that wallet users need to keep track of contract permission revocation on a regular basis. Verifying approvals prevents the extent of activity that can be gained by scammers after they dupe victims into consenting to harmful transfers.