A recent report reveals a significant security breach in the Solana ecosystem, with the CLINKSINK campaign orchestrating a heist of almost $1 million worth of SOL tokens. Mandiant, the cybersecurity firm, has identified this ongoing threat, indicating a growing trend in financially motivated attacks on cryptocurrency users and services.
The CLINKSINK campaign, active since December 2023, employs drainers – malicious scripts and smart contracts – to steal funds and digital assets, including non-fungible tokens (NFTs), from unsuspecting victims' wallets. Using at least 35 affiliate IDs associated with a drainer-as-a-service (DaaS) utilizing CLINKSINK, the campaign targets Solana investors.
Sample of Phantom airdrop-themed phishing page. Source:Mandiant
The perpetrators distribute cryptocurrency-themed phishing pages through social media platforms and chat applications, posing as reputable resources like Phantom, DappRadar, and BONK. Victims are enticed to interact with the CLINKSINK drainer under the pretense of claiming a token airdrop. Upon connecting their wallets and signing a transaction, the drainer siphons funds from their wallets.
Mandiant's investigation reveals a systematic division of stolen funds, with 80% going to the affiliate and the remaining 20% to the operator(s) of the drainer service. However, the operator's share can vary between 5% and 25%, influenced by factors like partnerships or reduced fees for successful affiliates.
Since December 2023, the campaigns have traced at least 1,491 SOL tokens and various underlying tokens, totaling over $180,000, to a specific Solana address associated with the DaaS operator. Mandiant estimates the total losses from these campaigns to be at least $900,000. The report warns of the growing trend of financially motivated threat actors targeting cryptocurrency users and services, emphasizing the availability and low cost of CLINKSINK drainers in underground forums.
olana price rounding the $100 Smilestone. Source:SOLUSDT on TradingView.com
With the rising value of Solana's native cryptocurrency, SOL, Mandiant predicts an increase in financially motivated threat actors conducting drainer operations. The ease of access and potential profitability make these campaigns attractive to cybercriminals. Cryptocurrency users and investors are strongly advised to exercise caution, implement robust security measures, and stay vigilant to mitigate the risks posed by the CLINKSINK drainer and similar threats.
The team has refuted allegations of generating excessive false positives, asserting instead that its efficacy was so pronounced that it led to the cessation of a crypto drainer due to sheer frustration.
KikyoSingapore issues advisory on growing crypto drainer threat. Urges hardware wallet use, thorough research, and prompt reporting to mitigate risks.
EdmundChris Larsen, Ripple co-founder, loses $117.4 million in XRP to hacking. Stolen funds spread across major exchanges, highlighting the need for enhanced security in the digital asset realm. Law enforcement engaged; caution prevails.
Huang BoOn Christmas Day, cryptocurrency scammers managed to siphon off a staggering $3 million from unsuspecting victims. Employing a tactic using Google Ads to direct users to fake websites equipped with wallet-draining software, these scammers continue to plague the cryptocurrency landscape with their malicious schemes.
JoyInferno Drainer's shutdown highlights challenges and opportunities in combating cryptocurrency fraud, leaving the community with a mix of relief and vigilance.
Hui XinInferno Drainer, a leading crypto wallet-draining service, bows out after orchestrating phishing scams that resulted in the theft of nearly $70 million in cryptocurrency. The team ensures a smooth transition for users, but concerns persist about the potential rise of new threats in the crypto underworld.
Huang BoNow the NFT trading card project has slumped to new lows as trading demand continues to vanish.
decryptA story of lies, inflated metrics, and where we go from here.
CharlieXYZFunds were converted to DAI stablecoins and bridged to the Ethereum network.
CoindeskThe new shop entertained about 400 crypto-curious guests on opening day, and hopes to host even more as other stores are opened across the U.S. and the rest of the world.
Cointelegraph