Crypto investors are increasingly falling victim to phishing scams. Now, the Pink Drainer hacker group has exploited users of its decentralized finance (DeFi) platform Slingshot.
Slingshot users lost funds to Pink Drainer Hacker Group
Investors are interested in various crypto meme coin launches and airdrops to get quick returns. But often malicious actors use greed to steal investors’ funds. According to Weixin, more than 216 users of DeFi platform Slingshot lost their money due to a phishing scam on Tuesday. Pink Drainer hacked Slingshot’s Twitter account. Thus, he performed a phishing scam. Displayed a fake link to request an airdrop and drained funds from connected wallets.
Source: WeixinFinally, Slingshot got his Twitter account back. He then asked the victims to submit tickets through the help center.
How hackers robbed the cryptocurrency platform!
After unsuspecting users entered the phishing website and linked their wallets, the hackers were asked to authorize transactions that allowed token transactions to their address. This authorization request was repeated indefinitely, trapping users in a loop. As a result, many users mistakenly gave control of their tokens to Pink Drainer hackers. They also immediately transferred the stolen assets to their own addresses.
After obtaining the stolen tokens, hackers converted them into mainstream cryptocurrencies such as BNB, ARB and OP. Finally, they used Celer Network for cross-chain transactions. Thus, they exchanged these tokens for ETH. Using this method, the hackers completed the heist by stacking the stolen assets at multiple addresses on the mainnet.
The aggressors’ record is full of thefts
The Pink Drainer hacker group has targeted other well-known protocols before. It used similar tactics to steal users’ encrypted assets. Hackers, who have a large number of followers on targeted accounts, can take advantage of account permissions to perform cryptocurrency scams, fake giveaways, fake prints and phishing pages. According to crypto analytics platform Bitrace, the address Pink-Drainer.eth alone has processed more than 4,486 Transfer From transactions. In this way, he succeeded in stealing various types of assets.
Source: DuneSlingshot isn’t the only victim of the Pink Drainer hacker. On June 2, the hacker group took control of the OpenAI CTO’s Twitter account, as we reported on Kriptokoin.com. In this way, it introduced scam tokens. They have also exploited users of Orbiter Finance, Evomos and Pika Protocol before. As of the time of this writing, there are approximately 2,848 victims who lost about $3,548,566 worth of digital assets, including $2,895,390 in Ethereum and $380,614 in Arbitrum.
36584
