Wallet drainer moves funds to Tornado Cash

Cryptosecurity firm CertiK has warned that a well-known wallet drainer has moved funds to sanctioned crypto tumbler Tornado Cash.

In a May 27 alert, CertiK reported that two externally owned addresses (EOAs), 0x546 and 0x108, deposited 20 ether (ETH) with a market value of $36,473 in Tornado Cash.

source: certificate on Twitter

As per the alert, the money came from a Wallet dryinga malicious file that automatically transfers cryptography from the wallets of unsuspecting visitors to phishing sites.

While CertiK claimed that the address the funds originated from was known to drain the wallet, it did not disclose any previous exploits linked to it.

Scammers are posting the phishing link on the Nahmii Discord channel

It wasn’t the only alert CertiK issued over the weekend, as hackers and exploiters continued their attacks on crypto platforms.

The on-chain security company also alerted users to a fake token airdrop link posted on Nahmi’s Layer 2 (L2) protocol Discord channel. CertiK warned Nahmii users not to click on the link, which it claimed led to another known wallet drain.

source: certificate on Twitter

Nahmii is an L2 protocol on Ethereum that provides transactions for decentralized applications (dApps). It uses a hybrid consensus mechanism that combines Proof of Stake (PoS) and Proof of Transfer (PoT) for end-to-end and security.

Its native NII token is used for staking, governance and fee settlement on the network. CertiK advised Nahmii users to refrain from clicking on any links until the Nahmii team confirms that control of the server has been restored.

CertiK also attracted the attention of cryptocurrency users with a fake refund airdrop (RFD) allegedly promoted on Twitter by @Arnoldty_eth, an account with over 8,000 followers.

source: Arnold on Twitter

The account promoting the alleged scam posted instructions on how to claim an RFD airdrop, which included entering a CertiK website claimed Connected to phishing nodes, 0x146.

Recently, crypto scammers have been using active Twitter accounts to intentionally or unintentionally promote phishing scams.

On May 26, hackers took over the popular Twitter account, @steveaoki, and used it to push a fake airdrop that caused unsuspecting users to lose more than $170,000. Other accounts, like @eth_ben, exacerbated the scam, inadvertently pushing the fake promotion and getting it seen by more people.


Follow us on Google News

cashdrainerfundsMovesTornadoWallet
Comments (0)
Add Comment