Comprehensive Guide to Understand How Scammers Drain Crypto Wallets 

Scammers utilize several tactics to steal people’s money and drain crypto wallets. According to one researcher, some only need to know the victim’s wallet address.

Forta Network, a blockchain security firm, noted that in May, scammers spun up at least 7905 blockchains to amass crypto they pilfer from regular users. The company runs a network of bots that spot scams on Binance Smart Chain, Avalanche, Ethereum, Arbitrum, and Fantom blockchains.

Understanding Scammers Drain Crypto Wallets

According to Christian Seifert, a Forta researcher-in-residence, Forta’s algorithm can identify several anomalous behaviors while evaluating transactions on blockchains. In some attacks, scammers depend on social engineering, which entails sniffing around people’s private data or employing tactics to compel crypto users to divulge their seed phrases or passwords. 

According to Seifert, most attacks are social engineering attacks. This entails luring users to a website, the website requesting them to link their wallet, a transaction popping up, and a user authorizing it.

‘Ice Phishing’

This was the most common attack in May, accounting for 55.8% of all registered attacks. The technique is different from the more obvious or famous phishing attacks since it does not aim directly at users’ data. 

An ice phisher dupes a victim into signing a malevolent blockchain transaction that grants access to a victim’s wallet, permitting the attacker to steal all the money. In such situations, victims are mostly lured onto a phishing website created to imitate actual crypto services. 

On its support page, MetaMask, the developers of the most famous Ethereum crypto wallet, reveal that when accepting token authorization transactions, ‘one is definitely in control and has final responsibility for everything they do.’ Thus, people should know what they are signing up for when sanctioning token approvals. 

Attackers also try to dupe users into interacting with different decentralized applications (dapps). These schemes primarily develop an impression of new worthwhile opportunities and leverage the typical inclination to fall for fear of missing out (FOMO). 

Seifert noted that ice phishing entails two critical steps: enticing a victim onto a malevolent website and developing a positive narrative. A phishing attack variation entails duping users to send native assets to the scammer directly, which is attained by signing a ‘security update’ function of the scammer’s contract.

NFTs, Airdrops, and Address Poisoning 

Some attackers target nonfungible token (NFT) traders. For instance, a few scammers have created tactics that leverage quirks in NFT infrastructure.

To save transaction fees, selling NFTs on Seaport entails users creating sell orders by signing a transaction broadcasted locally on the platform instead of the vast Ethereum network. Attackers search for users with valuable nonfungible tokens and attempt to deceive them into sanctioning transactions that would sell their treasured holdings at a share of the market price. 

Currently, NFT traders are mostly aware of the various ways to exploit them. Powerful NFT figures have been victims of some of the highest-profile crypto heists. 

Concerning ‘address poisoning’ attacks, attackers evaluate the transaction information of their victims’ wallets and seek the addresses they interact with the most. Later, they make a blockchain address that seems familiar to their target and send the victims to a transaction with minimal to no value.

The transaction seeks to ‘poison’ a planned victim’s transaction history by placing the malevolent address in a place where they might erroneously copy and paste it when making their next transaction. 

Transaction Hygiene 

Since scammers and hackers are becoming more industrious, it is critical to always pay attention to the addresses that wallets interact with. Wallets must have security elements.

Forta reveals its database of fraudulent addresses to the ZenGo wallet. Besides, it assigns blockchain wallets various risk scores referring to their role in possible scammy behavior.

Seifert also noted they have machine learning models and detection bots that track transactions in real-time and search for specific behaviors and conditions.

Final Thoughts 

Scammers camouflage to drain crypto wallets using the simplest exploits. They exploit the wallet addresses, particularly using recognizable brands, when developing social engineering exploits that attain victims’ attention or trust.