A scammer known by the name Monkey Drainer has used a phishing hack to steal about $1 million worth of Ether from shady imitation NFT minting websites.
One of the first to track and highlight the behavior was well-known blockchain sleuth ZachXBT, who said on October 26:
“Over the past 24 hrs ~700 ETH ($1m) has been stolen by the phishing scammer known as Monkey Drainer. They recently surpassed 7300 transactions from their drainer wallet after being around for only a few months.”
ZachXBT continued, “The two biggest victims over the last day include 0x02a & 0x626 who lost $370k combined through signing transactions on dangerous phishing sites.”
Longer term, Monkey Drainer is believed to have stolen more than $3.5 million through their schemes, with “that sum fast increasing by each day,” the blockchain fraud investigator continued.
Phishing scams sometimes include criminals disseminating links to websites that pose as legitimate initiatives or businesses in an effort to trick users into divulging private information by promising a thrilling purchasing opportunity or a no-cost promotion.
Monkey Drainer has been associated with four specific addresses, including the monkey-drainer.eth address.
The blockchain-based Web3 security network Chainabuse now displays a lengthy series of reports pertaining to airdrop frauds, NFT scams, and phishing assaults when searching these addresses.
A handful of the reported cases are phony Aptos Airdrops, a false Wolf Game, and Bored Ape Yacht Club marketplace, and airdrop frauds via the Astrobot Society discord channel.
Web3 security neighborhood Additionally, in response to ZachXBT’s Twitter thread, Wallet Guard mentioned that it had “spotted several other mint sites recently created” with Monkey Drainer on the backend, including a phishing website that claimed to be a Garbage Friends whitelist link.
Over the past few years, ZachXBT has established himself as a reputable independent blockchain investigator and exposed numerous instances of criminal activity in the industry.
ZachXBT’s work was even credited earlier this month by Christophe Durand, the deputy head of France’s national cyber unit, for aiding authorities in locating five suspects who were allegedly using phishing to steal NFTs worth $2.5 million.
