Blockchain security firm Chainalysis has reported the presence of a large online community dedicated to Solana wallet-draining activities, with more than 6,000 members.
This development comes as the price of SOL, the native cryptocurrency of the Solana blockchain, has experienced significant price surges, making holders of SOL and Solana-based tokens attractive targets for phishing attacks.
The rising threat of Solana wallet drainers
In recent months, the blockchain security community has expressed concerns about the increasing prevalence of malicious decentralized applications (dApps) targeting Solana users through wallet-draining schemes.
According to Brian Carter, a senior intelligence analyst at Chainalysis, successful draining kits are versatile and capable of targeting various assets using different methods. He also pointed out the connection between these drainer kit developers and Russia, with much of the documentation being in Russian.
Carter emphasized the existence of one particularly successful Solana drainer kit promoted across multiple channels by the same developer. Notably, most drainer kits used in cybercrimes today are not limited to Solana but extend their reach to other blockchain networks.
Mitigating the threat
To address this growing threat, Carter suggested the use of tools like Wallet Guard, which has recently implemented protections specifically designed to counter Solana drainers. He also highlighted the common attack vector of phishing through malicious links.
Many drainers exploit users’ fear of missing out and spam DeFi communities with links that appear legitimate but lead to fraudulent websites. Compromised social media accounts and Discord communities are often used to promote these malicious links.
The rapid proliferation of Solana drainer kits
According to CertiK, another blockchain security firm, cybercriminals began offering Solana drainer kits to scammers in December. These kits are typically sold on private hacker chat groups and the dark web, with prices starting as low as $250 per month, as evidenced by screenshots shared by CertiK.
Solana drainer kits are designed to facilitate cyber theft by draining funds from digital wallets. They primarily operate through phishing scams, tricking victims into entering their wallet details on counterfeit websites.
Joe Green, an analyst at CertiK, noted that it’s currently unclear how much has been stolen across all Solana drainers. Still, some instances involve the provider taking a percentage of the stolen assets, similar to the modus operandi of Ethereum Virtual Machine (EVM) drainers.
Targeting the Solana ecosystem
While phishing on the Solana network is not a new phenomenon, the resurgence in the price of SOL has attracted cybercriminals to focus on targeting individuals within the ecosystem. Solana’s price has witnessed a remarkable increase of over 400% in the past three months.
Web3 security firm Blockaid reported a significant incident where one particular Solana drainer managed to steal hundreds of thousands of dollars’ worth of SOL and SPL tokens.
These drainers are known for their high level of sophistication, as they can deceive the simulations used by Solana wallets, leading users to unknowingly sign malicious transactions.
Source: https://www.cryptopolitan.com/growing-concerns-over-solana/