Pink Drainer Posed as Journalists, Stole $3M from Discord and Twitter Users

The Pink Drainer hacking group has been employing sophisticated social engineering techniques, often masquerading as journalists from reputable media outlets like Decrypt and Cointelegraph.
It has been determined that the Pink Drainer hackers have managed to pilfer approximately $3 million from nearly 1,932 victims.

A notorious hacker group known as “Pink Drainer” has been identified as the mastermind behind a series of high-profile Discord and Twitter hacks. Their targets include prominent projects and accounts such as Evmos, Pika Protocol, the OpenAI CTO, and Orbiter Finance.

According to reports, the hackers have successfully lured users into clicking on phishing links by exploiting compromised Discord accounts, resulting in the loss of valuable assets.

ScamSniffer, an organization dedicated to tracking and combating online scams, has conducted an in-depth investigation and confirmed that Pink Drainer is responsible for the majority of the Discord hacks reported in the past month.

Through the analysis of stolen data across various blockchain networks, including Mainnet, Arbitrum, BNB, Polygon, and Optimism, it has been determined that the group has managed to pilfer approximately $3 million from nearly 1,932 victims.

The Pink Drainer hacking incidents have followed a similar pattern. The group has been employing sophisticated social engineering techniques, often masquerading as journalists from reputable media outlets like Decrypt and Cointelegraph.

Victims were then approached for interviews, which lasted for several days and ultimately required Know Your Customer (KYC) authentication. However, this process was a ruse to embed phishing attacks related to Discord in the final steps.

Fake consent form – Stolen funds and number of victims (Image credit: ScamSniffer)

One particular method employed by Pink Drainer involved guiding Discord administrators to open a malicious “Carl verification bot” and directing them to add bookmarks containing malicious code. These bookmarks, when followed, triggered the execution of JavaScript (JS) code capable of stealing the victim’s Discord Token. This token theft granted the hackers unauthorized access to Discord accounts.
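A defensive check for the bookmark technique described above, as an added example that is not from the original article or from ScamSniffer: it walks a Chromium-style `Bookmarks` JSON file (an assumed format; the sample data and function names are constructed here) and flags entries whose URL uses the `javascript:` scheme, normalizing the whitespace and control characters that browsers ignore when reading a scheme.

```python
import json

# Constructed sample in the Chromium "Bookmarks" JSON layout (assumed format).
SAMPLE = json.dumps({
    "roots": {
        "bookmark_bar": {"type": "folder", "name": "Bookmarks bar", "children": [
            {"type": "url", "name": "Docs", "url": "https://example.com/docs"},
            {"type": "url", "name": "Verify", "url": " JavaScript:void(0)"},
            {"type": "folder", "name": "Tools", "children": [
                {"type": "url", "name": "Helper", "url": "java\tscript:void(0)"},
            ]},
        ]},
        "other": {"type": "folder", "name": "Other", "children": []},
    }
})


def normalized_scheme(url):
    """Return the URL scheme the way a browser's URL parser would read it."""
    # Browsers strip leading/trailing C0 controls and spaces, and drop
    # tab/newline characters anywhere, before parsing the scheme.
    cleaned = url.strip("".join(map(chr, range(0x21))))
    cleaned = cleaned.replace("\t", "").replace("\n", "").replace("\r", "")
    scheme, sep, _ = cleaned.partition(":")
    return scheme.lower() if sep else ""


def find_script_bookmarks(bookmarks_json):
    """List (folder path, name) for every bookmark that runs script when clicked."""
    findings = []

    def walk(node, path):
        if node.get("type") == "url":
            if normalized_scheme(node.get("url", "")) == "javascript":
                findings.append(("/".join(path), node.get("name", "")))
        for child in node.get("children", []):
            walk(child, path + [node.get("name", "")])

    for root in json.loads(bookmarks_json).get("roots", {}).values():
        if isinstance(root, dict):  # skip non-folder metadata entries
            walk(root, [])
    return findings


if __name__ == "__main__":
    for folder, name in find_script_bookmarks(SAMPLE):
        print(f"script bookmark: {folder}/{name}")
```

A flagged entry is not proof of compromise, since some users keep legitimate bookmarklets, but any such bookmark added during a "verification" step deserves review before it is ever clicked.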

After gaining access, Pink Drainer took additional measures to prolong the attack. They removed other administrators, set the malicious account as an administrator, and manipulated the main account to engage in violations that led to it being blocked by Discord. These steps made it challenging to remove phishing messages from Discord servers, further exacerbating the impact on victims.

By analyzing various blockchain data, it has been determined that Pink Drainer successfully stole approximately $2.43 million from Mainnet and $350,000 from Arbitrum. The discovery of Pink Drainer can be attributed to the vigilant efforts of Taylor Monahan, who first identified the hacker group using ScamSniffer’s on-chain monitor bot. One victim, whose NFT assets worth nearly $320,000 were stolen, provided crucial information leading to the resolution of the address that transferred the assets, which was named “pink-drainer.eth.”

The recent string of hacks attributed to Pink Drainer serves as a reminder of the evolving threat landscape in the cryptocurrency and online communities. Users must remain cautious and exercise vigilance when interacting with unfamiliar links or providing sensitive information.

In related news, a recent report by blockchain intelligence firm TRM Labs indicates a significant drop in crypto-related hacks during the first quarter of 2023. The industry witnessed a 70% decrease in stolen funds, amounting to approximately $400 million across 40 attacks, compared to the same period in 2022. The decline can be partly attributed to legal actions against hackers and the impact of sanctions imposed on the crypto mixer Tornado Cash, which has made it increasingly difficult for criminals to launder their illicit proceeds.
