A hacking group known as ‘Pink Drainer’ is engaging in phishing attacks, targeting Discord and Twitter accounts to carry out cryptocurrency theft. ScamSniffer analysts have reported that Pink Drainer has successfully compromised the accounts of 1,932 victims, resulting in the theft of approximately $2,997,307 worth of digital assets on the Mainnet and Arbitrum platforms. One incident captured the attention of ScamSniffer’s monitoring bots when the threat actors stole $327,000 worth of NFTs from a single individual.
The recent targets of Pink Drainer include notable figures such as OpenAI’s CTO Mira Murati, musician Steve Aoki, and various cryptocurrency projects like Evmos, Pika Protocol, Orbiter Finance, LiFi, Flare Network, Cherry Network, and Starknet.
The hacking group adopts a strategy of impersonating journalists from reputable media outlets like Cointelegraph and Decrypt. After gaining their victims’ trust, the attackers conduct fraudulent interviews with them. Under the pretext of validating the victims’ identities, Pink Drainer then directs them to websites that steal Discord authentication tokens.
These malicious websites masquerade as bots and prompt victims to add bookmarks containing malicious JavaScript code. This code enables the theft of Discord tokens, granting the attackers access to the accounts without the need for user credentials or interception of two-factor authentication codes.
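A defender's check for the bookmark technique described above, as an added example that is not part of the original article: it walks a bookmarks tree in the layout of a Chromium `Bookmarks` JSON file and reports every entry whose URL uses the `javascript:` scheme. The sample data and the function names are constructed for illustration.

```javascript
// Constructed sample in the layout of a Chromium "Bookmarks" JSON file.
const SAMPLE_BOOKMARKS = {
  roots: {
    bookmark_bar: {
      type: "folder", name: "Bookmarks bar",
      children: [
        { type: "url", name: "Docs", url: "https://example.com/docs" },
        { type: "url", name: "Verify", url: "javascript:void(0)" },
        { type: "folder", name: "Work", children: [
          // Mixed case, leading spaces and an embedded tab still parse
          // as the javascript: scheme in a browser.
          { type: "url", name: "Drag me", url: "  JaVa\tScript:void(0)" },
        ]},
      ],
    },
    other: { type: "folder", name: "Other bookmarks", children: [] },
  },
};

// True when a bookmark URL would execute script instead of navigating.
function isScriptUrl(raw) {
  if (typeof raw !== "string") return false;
  const cleaned = raw
    .replace(/^[\u0000-\u0020]+/, "") // URL parsers drop leading controls/spaces
    .replace(/[\t\n\r]/g, "");        // and remove tabs/newlines anywhere
  return cleaned.toLowerCase().startsWith("javascript:");
}

// Walk every root folder and collect script bookmarks with their folder path.
function findScriptBookmarks(bookmarks) {
  const hits = [];
  const walk = (node, path) => {
    if (!node || typeof node !== "object") return;
    const here = node.name ? [...path, node.name] : path;
    if (node.type === "url" && isScriptUrl(node.url)) {
      hits.push({ path: here.join(" / "), urlLength: node.url.length });
    }
    for (const child of node.children || []) walk(child, here);
  };
  for (const root of Object.values(bookmarks.roots || {})) walk(root, []);
  return hits;
}

console.log(findScriptBookmarks(SAMPLE_BOOKMARKS));
```

Any hit is a bookmark worth reviewing and, if its origin is unknown, deleting; the check reports location and size only and does not try to classify what the script does.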
Once in control of the compromised accounts, Pink Drainer sets itself as administrator, removing all other administrators to carry out undisturbed theft of digital assets and sensitive information. In cases where the targeted account belongs to a well-known project or individual with a substantial following, the attackers exploit their access to promote fraudulent giveaways, cryptocurrency scams, fake mints, and phishing pages.
High-profile digital asset holders need to exercise caution and skepticism regarding communications from media outlets. If approached by a journalist, it is advisable to contact the media outlet directly using the contact details provided on their official website to verify the message’s authenticity.
Cryptocurrency investors need to exercise caution when encountering promotions shared by legitimate accounts. Trusting such advertisements can be risky. Instead, taking steps to confirm the legitimacy of giveaways and token drops is crucial.
This is possible by independently verifying the information through official channels, such as the platform’s official website, and cross-referencing it with other verified social media channels.
By conducting these checks, investors can mitigate the risk of falling victim to fraudulent schemes and protect their cryptocurrency investments. Remaining vigilant and implementing these precautions can help protect against the ongoing activities of Pink Drainer and safeguard digital assets.