A massive crypto wallet drain has been exposed, targeting experienced and industry-savvy crypto users since December 2022.
Draining over 5,000 Ethereum (ETH) and an unknown amount of tokens, non-fungible tokens (NFTs) and coins across 11+ chains, this scam has left the community searching for answers.
Let’s dive into the facts and data surrounding the process and its impact on the crypto community.
Decipher the way scammers operate
Attackers have been systematically draining the keys, possibly from a cache of data obtained over a year ago.
They show distinct patterns in the heist and in post-heist on-chain movement, often moving assets between the addresses of several victims.
Major thefts in December 2022 used RenBridge, and the final destination for stolen assets is always Bitcoin (BTC).
Attackers use centralized swaps like FixedFloat, SimpleSwap, SideShift, ChangeNOW, and LetsExchange to launder money before moving it to privacy-focused mixers like Coinomize, Wasabi, and CryptoMixer.
Commonalities among the victims
The victims share some common characteristics, such as having their keys generated between 2014 and 2022 and being more crypto-native than most (e.g., having multiple addresses and working in the space).
This scam has not affected any newbies; it specifically targeted experienced users with a single recovery secret phrase or private key.
To prevent such scams, the crypto community must prioritize education and awareness. Users should avoid keeping all assets in a single key or secret phrase and should migrate to hardware wallets.
Patterns in the timing of the robberies
The wallet drain displays strange patterns in the timing of the thefts. Many of the thefts appear to have occurred on weekends, with notable incidents on Sundays.
Extensive heists appear to have been scripted, and the dust left in the original wallet was drained up to 80 days after the first assets were stolen.
The attackers' IP addresses and user agents (UAs) are quite diverse, and they often use VPNs, proxies, and other methods to hide their true identity.
Way ahead
By examining scammers’ tactics, victims’ commonalities, and timing patterns, and by understanding the importance of preventative measures, the community can better protect its assets.
Collaboration, education, and vigilance are critical to mitigating risk and restoring confidence in the security of digital assets.