Key takeaways:
- Pink Drainer deceived the victim into authorizing a malicious transaction, transferring more than 275,700 LINK.
- The stolen crypto was quickly sold for Ethereum on eXch.
In a series of cybercrimes, the notorious hacking group known as “Pink Drainer” has been unmasked as the mastermind behind a string of hacks on Discord and Twitter throughout the year. Their illicit activities have resulted in the theft of over $18 million from more than 9,000 individuals.
Among their high-profile heists, Pink Drainer successfully pilfered $4.4 million worth of Chainlink (LINK) from a single victim. The victim unwittingly approved an “Increase Approval” function, granting the hacker access to drain their wallet.
Across two transactions totaling 275,700 LINK tokens, valued at $4.33 million, 68,925 LINK ended up in a wallet labeled “PinkDrainer: Wallet 2,” while 206,775 LINK were sent to a separate address, as reported by Scam Sniffer. The means by which the hacker obtained the victim’s approval signature remains unknown.
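A wallet-side check for the kind of call described above, as an added example that is not from the article or from Scam Sniffer: it decodes raw transaction calldata and flags allowance-granting functions such as increaseApproval before the user signs. The placeholder spender address, the trusted-spender list, the 18-decimal assumption and all function names in the code are assumptions made for illustration.

```python
# Added example. Selectors are the first 4 bytes of keccak256 of each signature.
ALLOWANCE_SELECTORS = {
    "095ea7b3": "approve(address,uint256)",
    "39509351": "increaseAllowance(address,uint256)",
    "d73dd623": "increaseApproval(address,uint256)",
}
UNLIMITED_THRESHOLD = 2**255  # treat anything this large as "unlimited"


def decode_allowance_call(calldata_hex, decimals=18):
    """Return details of an allowance-granting call, or None for other calls."""
    data = calldata_hex.lower()
    data = data[2:] if data.startswith("0x") else data
    function = ALLOWANCE_SELECTORS.get(data[:8])
    if function is None:
        return None
    args = bytes.fromhex(data[8:])
    # Two 32-byte words are expected; an address word has 12 zero bytes of padding.
    if len(args) < 64 or any(args[:12]):
        raise ValueError("malformed arguments for " + function)
    amount = int.from_bytes(args[32:64], "big")
    return {
        "function": function,
        "spender": "0x" + args[12:32].hex(),
        "amount_raw": amount,
        "whole_tokens": amount // 10**decimals,
    }


def review_transaction(calldata_hex, trusted_spenders=frozenset()):
    """Return human-readable warnings to show before the user signs."""
    call = decode_allowance_call(calldata_hex)
    if call is None:
        return []
    warnings = ["%s gives %s spending rights over %d tokens"
                % (call["function"], call["spender"], call["whole_tokens"])]
    if call["spender"] not in trusted_spenders:
        warnings.append("spender is not on the trusted list")
    if call["amount_raw"] >= UNLIMITED_THRESHOLD:
        warnings.append("allowance is effectively unlimited")
    return warnings


def build_sample_calldata():
    """Constructed sample: increaseApproval for 275,700 tokens, placeholder spender."""
    spender = "11" * 20  # placeholder address, not taken from the incident
    amount = 275_700 * 10**18  # assumes an 18-decimal token
    return "0xd73dd623" + spender.rjust(64, "0") + format(amount, "064x")
```
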
Pink Drainer, identified as the perpetrator of at least 10 active phishing websites within the past day, is currently laundering the stolen funds through an “instant cryptocurrency exchange” known as eXch, converting them into Ether.
This cybercriminal group has been linked to various Discord and Twitter breaches over the past year, impacting projects and individuals such as Evmos, Pika Protocol, OpenAI Chief Technology Officer Mira Murati, and Orbiter Finance.
Blockchain security firm Scam Sniffer has confirmed the recent attack is attributed to the Pink Drainer scheme, although the specific details of the victim’s interaction with the fraudulent website remain unclear.
Blockchain investigator ZachXBT has reported that the purloined funds have already been converted to Ether and are undergoing laundering through eXch.
Additionally, Reddit user jbtravel84 has conducted an analysis, flagging wallets associated with the incidents, revealing that funds are being swapped to Ethereum (ETH) and moved into intermediary addresses. Further investigation may unveil the identities behind these wallets.
Experts believe that Pink Drainer is affiliated with a well-known hacking group responsible for multiple scams in the past. The incident has sparked widespread outrage within the crypto community, prompting calls for increased disclosure and urging cryptocurrency holders to exercise heightened caution.
Scam Sniffer, the anti-scam platform, has identified at least 10 fraudulent Pink Drainer websites within the past day, emphasizing the need for continued vigilance and security measures in the face of evolving cyber threats.