According to CryptoPotato, the notorious crypto-hacking group Pink Drainer has been implicated in a sophisticated phishing scam that resulted in the loss of $4.4 million worth of Chainlink (LINK) tokens. The cyber heist targeted a single victim who was deceived into signing a transaction linked to the 'Increase Approval' function, a standard procedure in the crypto world that allows users to set limits on the number of tokens accessible for transfer by another wallet. Without the victim's knowledge, this action enabled the unauthorized transfer of 275,700 LINK tokens in two separate transactions.
Crypto-security platform Scam Sniffer revealed that the tokens were drained in two transfers, with 68,925 LINK tokens initially diverted to a wallet tagged by Etherscan as 'PinkDrainer: Wallet 2.' The remaining 206,775 LINK tokens were sent to a different address ending with 'E70e.' Renowned crypto detective ZachXBT disclosed that the stolen funds were quickly converted into Ethereum (ETH) and laundered through the eXch service, making the assets more difficult to trace.
Scam Sniffer's investigation confirms the involvement of the Pink Drainer group in this heist, although the exact method used to coerce the victim into authorizing the token transfer remains unclear. The platform has identified at least 10 new scam sites connected to Pink Drainer in the last 24 hours alone. The group, known for its high-profile attacks on platforms such as Twitter and Discord, has been linked to incidents involving Evomos, Pika Protocol, and Orbiter Finance. Earlier this year, they were also implicated in a scam posing as crypto journalists, leading to the theft of approximately $3 million from over 1,932 victims. The latest data from Dune Analytics indicates an escalation in Pink Drainer's activities, with total losses amounting to $18.7 million, affecting 9,068 victims as of December 19.