Crypto wallet drainers
Crypto wallet drainers are malicious programs or smart contracts designed to steal digital assets (cryptocurrency and NFTs) from users' wallets without their consent. These tools often operate through "Drainer-as-a-Service" (DaaS) models, allowing scammers to rent ready-made kits to create phishing websites that mimic legitimate services to trick users.
Source: Blockaid
How Wallet Drainers Operate
- Phishing & Social Engineering: Attackers use ads on social media (X, Reddit) or search engines (Google Ads) to lead users to fake websites promising free airdrops, exclusive mints, or rewards.
- Malicious Smart Contract Interaction: Once a user connects their wallet and attempts to "claim" a reward, the site prompts them to sign a malicious transaction.
- Permit Farming & Approvals: The transaction often tricks users into approving a smart contract that allows the attacker to move specific tokens (permit farming) or grants them full control over the wallet's contents.
- Instant Theft: Once signed, the drainer immediately moves the assets to the attacker's wallet, often laundering them through services like Tornado Cash.
Source: TRM Labs
Key Characteristics & Notable Examples
- Speed and Automation: These tools can empty a wallet in seconds, targeting the highest-value assets first.
- Multichain Support: Many drainers operate across multiple blockchains, including Ethereum, Solana, and Bitcoin (Ordinals).
- Notable Drainers:
  - Inferno Drainer: Responsible for significant losses, it was linked to over 16,000 unique domains before its claimed shutdown in Nov 2023.
  - CLINKSINK: Used heavily in Solana-based campaigns, stealing roughly $900,000 in early 2024.
  - Other Notable Entities: Monkey Drainer, Pink Drainer, and Venom Drainer.
- Impact: Over $500 million in cryptocurrency was stolen by wallet drainers in 2024, with high-profile victims often losing valuable NFTs or large token holdings.
Source: Tangem Crypto Wallet
How to Protect Yourself
- Use Hardware Wallets: Store the majority of your assets in a hardware (cold) wallet, keeping them offline.
- Verify URLs: Double-check every web address, especially if clicking on sponsored links or social media ads.
- Revoke Permissions: Regularly review and revoke token approvals on platforms like Etherscan or specialized revocation tools.
- Use Multiple Wallets: Use separate "burner" wallets for interacting with new projects, NFTs, or airdrops.
- Scrutinize Transaction Requests: Carefully read what you are signing in your wallet extension. If a transaction asks for full asset approvals, reject it.
Source: Kaspersky
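The "Scrutinize Transaction Requests" and "Revoke Permissions" advice above can be partly automated. The following is an added example (not from the original page or any wallet vendor) that decodes raw EVM calldata and flags the standard approval calls. The function names, sample calldata and placeholder spender address are constructed for illustration, and off-chain permit signatures (EIP-712 typed data) are outside its scope.

```python
MAX_UINT256 = 2**256 - 1
# 4-byte selectors of standard approval functions -> (name, spender word, value word)
APPROVALS = {
    "095ea7b3": ("approve(address,uint256)", 0, 1),
    "39509351": ("increaseAllowance(address,uint256)", 0, 1),
    "a22cb465": ("setApprovalForAll(address,bool)", 0, 1),
    "d505accf": ("permit(address,address,uint256,uint256,uint8,bytes32,bytes32)", 1, 2),
}

def _word(args: bytes, i: int) -> int:
    """Return the i-th 32-byte ABI argument word as an integer."""
    chunk = args[32 * i:32 * i + 32]
    if len(chunk) != 32:
        raise ValueError("calldata too short for this function")
    return int.from_bytes(chunk, "big")

def review_calldata(data_hex: str) -> dict:
    """Classify calldata as not_approval, revoke, limited or unlimited."""
    raw = bytes.fromhex(data_hex.removeprefix("0x"))
    selector, args = raw[:4].hex(), raw[4:]
    if selector not in APPROVALS:
        return {"function": None, "spender": None, "risk": "not_approval"}
    name, spender_idx, value_idx = APPROVALS[selector]
    spender = "0x" + format(_word(args, spender_idx) & (2**160 - 1), "040x")
    value = _word(args, value_idx)
    if selector == "a22cb465":
        # Boolean flag: true hands the operator every token in the collection.
        risk = "unlimited" if value else "revoke"
    elif value == 0:
        risk = "revoke"
    else:
        # ERC-721 approve() reuses this selector with a token id as the value.
        risk = "unlimited" if value == MAX_UINT256 else "limited"
    return {"function": name, "spender": spender, "risk": risk}

# Constructed samples; SPENDER is a placeholder address, not a real contract.
def _encode(selector: str, *words: int) -> str:
    return "0x" + selector + "".join(format(w, "064x") for w in words)
SPENDER = 0x1111111111111111111111111111111111111111
SAMPLES = {
    "unlimited ERC-20 approve": _encode("095ea7b3", SPENDER, MAX_UINT256),
    "NFT collection approval": _encode("a22cb465", SPENDER, 1),
    "revocation": _encode("095ea7b3", SPENDER, 0),
    "plain transfer": _encode("a9059cbb", SPENDER, 10**18),
}

if __name__ == "__main__":
    for label, data in SAMPLES.items():
        print(label, "->", review_calldata(data))
```

A "limited" result on an `approve` call still deserves a look at the spender address, since the same selector on an NFT contract approves a single token id rather than an amount.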
If you believe your wallet is compromised, move all remaining funds immediately to a new, secure wallet and revoke any pending permissions.
