Key Points:
- The Pink Drainer hacker group targeted prominent accounts, employed deceptive tactics, and stole over $3.5 million in digital assets from around 2,800 victims.
- Through fake websites, phishing pages, and fraudulent giveaways, the hackers exploited users’ trust to gain control of project accounts and transfer stolen tokens to their own addresses.
The Pink Drainer hacker group attacked many well-known accounts, including OpenAI CTO, Orbiter Finance, Evomos, Pika Protocol, etc. Then they sent fake giveaways, fake mints, and phishing pages, Bitrace reports.
One of the tactics employed by the Pink Drainer hackers involves creating fake websites that closely resemble legitimate platforms. In this case, they developed a replica of Slingshot’s website, substituting the real website suffix with a deceptive one. By taking control of the social platform accounts associated with the targeted projects, the hackers could promote their fraudulent website, enticing users with promises of token airdrops.
Once unsuspecting users entered the phishing website and linked their wallets, they were prompted to authorize transactions granting token transaction permission to the hackers’ address. This authorization request would reappear indefinitely, trapping users in a loop. Consequently, many users inadvertently granted control of their tokens to the Pink Drainer hackers, who promptly transferred the stolen assets to their own addresses.
After acquiring the stolen tokens, the hackers converted them into mainstream cryptocurrencies such as BNB, ARB, and OP. Eventually, they exchanged these tokens for ETH using the Celer Network for cross-chain operations. By employing this method, the hackers could hoard the stolen assets in multiple addresses on the main network, completing the theft.
The Pink Drainer hacker group has previously targeted other well-known protocols, employing similar tactics to steal users’ encrypted assets. With many followers on the targeted accounts, the hackers could exploit their account permissions and carry out cryptocurrency scams, fake giveaways, fake mints, and phishing pages.
According to cryptocurrency analysis platform Bitrace, the Pink-Drainer.eth address alone has executed over 4,486 Transfer From transactions, resulting in the theft of various types of assets. As of the time of writing, there have been approximately 2,848 victims who have collectively lost around $3,548,566 worth of digital assets, including $2,895,390 in Ethereum and $380,614 in Arbitrum.
DISCLAIMER: The information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.
Join us to keep track of news: https://linktr.ee/coincu
Thana
Coincu News
Source: https://news.coincu.com/196946-pink-drainer-hackers-2848-victims/