ZachXBT, a well-known on-chain investigator, claims that Monkey Drainer, a phishing scammer, has stolen over 700 ETH (equal to $700,000) worth of cryptocurrency and non-fungible tokens in the last 24 hours, amounting to about $1 million.
How did the Monkey Drainer Scam?
According to ZachXBT, the two biggest victims, 0x02a and 0x626, lost a total of $370,000 after approving transactions on phishing websites controlled by the serial fraudster. A total amount of $150,000 worth of non-fungible tokens (NFT) were apparently lost by 0x02a, including 1 Bored Ape Yacht Club (BAYC) collection, 1 CloneX, 36,000 USDC, and 12 additional NFT.
In the last few weeks, the suspected scammer has been successful in tricking several victims. The researcher claims that the amount of money stolen in the scam has exceeded $3.5 million and is continuing to rise.
Over 7,300 transactions have been performed by the hacker throughout his several months of operation.
APY, BMI, SHOPX, XED, and PMON, among other low-cap projects, were allegedly promoted by well-known crypto influencer Lark Davis before being dumped on the community’s uninformed users, according to ZachXBT. He allegedly earned $1 million as a result.
Both of these victims were only a few of the numerous people who had their money taken by Monkey Drainer. According to a tweet from ZachXBT, more than $3.5 million has been stolen in total, and the figure is growing daily.
ZachXBT advised to the users to exercise “extreme caution” before linking their wallets to untrusted websites and signing transactions.
However, ZachXBT discovered a new phishing scheme in August when victims lost more than $2.5 million worth of NFTs. Five individuals associated with the BAYC collecting scheme were indicted in Paris earlier in October.
Phishing scams sometimes include criminals disseminating links to websites that pose as legitimate initiatives or businesses to trick users into divulging private information by promising a thrilling purchasing opportunity or a no-cost promotion.
The Monkey Drainer has been associated with four specific addresses, including the monkey-drainer.eth address.
Web3 Security Community Wallet Guard Responded
The blockchain-based Web3 security network Chainabuse now displays a lengthy series of reports about airdrop frauds, NFT scams, and phishing assaults when searching these addresses.
A handful of the reported cases are phony Aptos Airdrops, a false Wolf Game, Bored Ape Yacht Club marketplace, and airdrop frauds via the Astrobot Society discord channel.
ZachXBT’s Twitter thread received a response from the Web3 security community Wallet Guard, which claimed to have “seen multiple additional mint sites recently constructed” with Monkey Drainer on the backend, including a bogus Garbage Friends whitelist link that led to a phishing website.
In the last few years, ZachXBT has established himself as a reputable independent blockchain investigator and exposed numerous instances of criminal activity in the industry.
Christophe Durand, the deputy head of France’s national cyber unit, even acknowledged ZachXBT’s efforts earlier this month for aiding authorities in locating five people accused of using phishing to steal NFTs valued at $2.5 million.
Even though 2022 has been a challenging year for the cryptocurrency market, phishing attempts continue to target cryptocurrency on social media. Phishing attacks rose from 106 to 290 in the second quarter, a 170% rise, according to blockchain analysis company CertiK.
The Coin Rise claimed that in a more recent event, hackers chose to target several FTX users and were successful in obtaining cryptocurrency worth $1.26. In previous incidents, hackers have taken control of Gate.io, an exchange platform’s official Twitter account. The three biggest social media hubs for cryptocurrency frauds are now Discord, Telegram, and Twitter.