Solana wallet drainer activity has increased in recent months as the price of SOL has skyrocketed, making holders of SOL and Solana-based memecoins more lucrative phishing targets.
One of the largest online communities devoted to just one popular Solana wallet drainer kit has more than 6,000 members, according to blockchain security firm Chainalysis.
Over the last week, several blockchain security firms shared concerns about a growing number of malicious decentralized applications targeting users with Solana-based drainers.
Chainalysis senior intelligence analyst Brian Carter told Cointelegraph that the most successful draining kits are flexible and target various assets using different methods.
He highlighted Russia’s links to the small community of developers offering drainer kits for sale, with the documentation often in Russian.
“The largest community devoted to one Solana drainer has about 6,200 members,” he said before adding:
“There is really one successful dedicated Solana drainer kit that is promoted in multiple channels that links to the same developer. Most of the drainer kits used in crimes today are not specific or limited to Solana.”
To mitigate the threat, he suggested using tools such as Wallet Guard, which recently implemented protections for Solana drainers. He added that phishing with malicious links was a common attack vector.
“Many drainers exploit people’s fear of missing out and spam users in DeFi [decentralized finance] communities with links to legitimate-looking — but fraudulent — websites. Social media accounts and Discord communities are often compromised and used to promote links to drainer websites,” he added.
According to blockchain security firm CertiK, many cybercriminals began offering Solana drainer kits to scammers in December.
The kits are peddled on private hacker chat groups and the dark web and can be bought for as little as $250 per month, according to screenshots shared by CertiK.
Crypto drainer kits are crafted to facilitate cyber theft by draining funds from digital wallets. They primarily operate through phishing scams, luring victims to enter their wallet details on counterfeit websites.
CertiK analyst Joe Green told Cointelegraph that it is currently unclear how much has been stolen across all Solana drainers. However, in some examples, “they take a similar approach to the EVM [Ethereum Virtual Machine] drainers that we see where the provider takes a cut of the stolen assets.”
“Phishing on the Solana network isn’t new,” he added, “but with the resurgence of Solana’s price, cybercriminals are beginning to focus on targeting individuals in the ecosystem.”
SOL prices have surged more than 400% over the past three months.
On Jan. 2, Web3 security firm Blockaid reported that one particular Solana drainer stole hundreds of thousands of dollars’ worth of SOL and SPL tokens.
“These drainers are highly sophisticated and can deceive the simulations used by Solana wallets, leading users to unknowingly sign malicious transactions,” it reported.