Since early March 2023, scammers have managed to scam users out of nearly $59 million in cryptocurrency using a malicious sсript. Cybercriminals used a service called MS Drainer to remove funds from the crypto wallets of more than 63 thousand people.
This was reported by online detective Scam Sniffer. According to the analyst, attackers attracted users to phishing pages of popular projects such as Lido, DefiLlama, Zapper, Orbiter Finance and Radient. Each of these projects was specifically promoted in search engines such as Google, as well as in advertising on the Twitter platform.
So far, Scam Sniffer has detected more than 10 thousand fake websites. The greatest activity of cybercriminals was observed in May, June and November. The first person to notice the phishing ads was the famous blockchain analyst ZachXBT. At the end of June, he noticed a large number of such posts on the Twitter platform. Some of them reported the distribution of non-fungible Ordinals Bubbles tokens, while others promised airdrops from famous projects.
Almost all ads contained phishing links that led to MS Drainer. Users following these links lost their funds in crypto wallets. In addition, the creators of the malicious sсript also sold its source code to other hackers. According to Dune, over nine months, the attackers were able to defraud about $58.8 million from 63,210 users, mostly in Ethereum (ETH), Polygon (MATIC) and Arbitrum (ARB).
