Online advertising platforms, including Google and Twitter, are inadvertently promoting websites linked to a sophisticated cryptocurrency fraud scheme known as ‘MS Drainer.’ This cybercriminal has reportedly misappropriated a whopping $59 million from over 63,210 victims in just the past nine months.

Security researchers at ScamSniffer have uncovered a worrying trend of over 10,000 phishing websites utilizing the tactics of the notorious crypto scammer ‘MS Drainer’ between March 2023 and December 2023.

“From March to now, Scam Sniffer has monitored about 10,072 phishing websites using them. By analyzing the on-chain data associated with their phishing addresses, they have stolen nearly $58.98 million from about 63,210 victims over the past nine months,” the ScamSniffer blog post reads.

A drainer is a malicious smart contract or, in this case, a complete phishing suite designed to drain funds from a user’s cryptocurrency wallet without their consent.

Users are taken to a legitimate-appearing phishing website and tricked into approving malicious contracts, allowing the drainer to automatically perform unauthorized transactions and transfer the victim’s money to the attacker’s wallet address.
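A wallet-side check for the approval step described above, as an added example (not code from ScamSniffer or the original article): it decodes the calldata a site asks the user to sign and flags blanket token approvals to spenders outside an allowlist. The article does not name the approval calls the drainer requests; the standard ERC-20/ERC-721 approval functions are assumed, and the addresses, allowlist and sample calldata are constructed.

```python
# Added example: classify calldata a dapp asks a wallet to sign.
# Selectors are the standard token-approval functions (assumed; the article
# does not name them). Addresses and allowlist below are constructed.
APPROVAL_SELECTORS = {
    "095ea7b3": "approve(address,uint256)",
    "39509351": "increaseAllowance(address,uint256)",
    "a22cb465": "setApprovalForAll(address,bool)",
}
UNLIMITED_THRESHOLD = 2**255  # allowances this large are effectively unlimited


def review_calldata(data_hex, trusted_spenders):
    """Return (function, spender, verdict) for one transaction's calldata."""
    data = data_hex.lower()
    if data.startswith("0x"):
        data = data[2:]
    try:
        raw = bytes.fromhex(data)
    except ValueError:
        return None, None, "malformed"
    name = APPROVAL_SELECTORS.get(raw[:4].hex())
    if name is None:
        return None, None, "not-an-approval"
    args = raw[4:]
    # Exactly two 32-byte words; the address word must be left-padded with zeros.
    if len(args) != 64 or any(args[:12]):
        return name, None, "malformed"
    spender = "0x" + args[12:32].hex()
    amount = int.from_bytes(args[32:], "big")
    if amount == 0:
        return name, spender, "revocation"       # allowance 0 or approved=false
    if spender in trusted_spenders:
        return name, spender, "trusted-spender"
    if name.startswith("setApprovalForAll") or amount >= UNLIMITED_THRESHOLD:
        return name, spender, "high"             # blanket access, unknown spender
    return name, spender, "review"               # bounded allowance, unknown spender


UNKNOWN = "0x" + "11" * 20                       # constructed spender address
PAD = "00" * 12
SAMPLES = {
    "unlimited approve": "0x095ea7b3" + PAD + "11" * 20 + "ff" * 32,
    "approve for all": "0xa22cb465" + PAD + "11" * 20 + "00" * 31 + "01",
    "bounded approve": "0x095ea7b3" + PAD + "11" * 20 + "00" * 30 + "03e8",
    "plain transfer": "0xa9059cbb" + PAD + "11" * 20 + "00" * 31 + "01",
}

if __name__ == "__main__":
    for label, calldata in SAMPLES.items():
        print(label, "->", review_calldata(calldata, trusted_spenders=set()))
```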

The source code for MS Drainer is sold to cyber criminals for $1,500 by a user named ‘Pakulichev’ or ‘PhishLab,’ who also charges a 20% fee on any funds stolen with the toolkit. PhishLab also sells add-on modules that add new features to the malware, costing between $500 and $1,000.

By analyzing the on-chain data of addresses associated with the Drainer, they have stolen approximately $58.98 million from 63,210 victims over the past 9 months.

Top victims:

| Victim | Chain | Total Stolen |
|---|---|---|
| 0x13e382dfe53207e9ce2eeeab330f69da2794179e | Ethereum | $24,055,508 |
| 0x5197da90fb01040a1896a92616ecdfb5765b1134 | Ethereum | $1,192,307 |
| 0x856cb5c3cbbe9e2e21293a644aa1f9363cee11e8 | Arbitrum | $644,720 |
| 0x704f59ccb0b9399b600b462f974aa5cff76ca3ed | Ethereum | $549,056 |
| 0xb32659fe74a4ceabadeee1b58ef334d499b8ba26 | Ethereum | $444,966 |

Users should be very cautious when seeing cryptocurrency-related ads and perform due diligence before signing up to new platforms, let alone connecting their wallets.

References: BleepingComputer