Massive Solana Heist: CLINKSINK Drainer Campaigns Swipe Nearly $1M Worth Of SOL
12 Januar 2024 - 3:35AM
NEWSBTC
In a recent report released by Mandiant, a threat intelligence and
cybersecurity company, alarming details have emerged about the
widespread exploitation of Solana users through a campaign known as
CLINKSINK. The report sheds light on the nature of these
drainer campaigns, which have resulted in the loss of nearly $1
million worth of SOL tokens. CLINKSINK Campaign Targets Solana
Investors According to the report, The CLINKSINK campaign,
identified by Mandiant, involves malicious actors leveraging
drainers – malicious scripts and smart contracts – to steal funds
and digital assets, including non-fungible tokens (NFTs), from
unsuspecting victims’ cryptocurrency wallets. These campaigns
have been active since December 2023 and have employed at least 35
affiliate IDs associated with a drainer-as-a-service (DaaS)
utilizing CLINKSINK. Related Reading: Bitcoin ETF Approval Triggers
$1.2 Billion Trading Volume And New Highs For BTC Price The modus
operandi of the CLINKSINK campaign involves distributing
cryptocurrency-themed phishing pages through social media platforms
like X and chat applications like Discord. These pages,
masquerading as legitimate cryptocurrency resources like Phantom,
DappRadar, and BONK, entice victims to interact with the CLINKSINK
drainer. Once victims connect their wallets to claim an alleged
token airdrop, they are prompted to sign a transaction that allows
the drainer service to siphon funds from their wallets. Mandiant’s
investigation revealed that the stolen funds are divided between
the affiliate and the service operator(s) based on a predetermined
percentage. The analysis indicates that, on average, 80% of
the stolen funds go to the affiliate, while the remaining 20% go to
the operator(s). However, the operator’s cut can vary between 5%
and 25%, potentially influenced by factors such as partnerships or
reduced fees for successful affiliates. Since the end of December
2023, at least 1,491 SOL tokens and numerous underlying tokens,
with a combined value of over $180,000, were traced to a specific
Solana address associated with the DaaS operator. Based on
this data, Mandiant estimates that these recent campaigns have
stolen at least $900,000 in digital assets. However, it is
important to note that some of the funds sent to the operator’s
wallet might originate from their drainer campaigns or transfers
not subject to the percentage split. Mandiant Warns Of Growing
Trend Mandiant’s report also highlights the availability and low
cost of CLINKSINK drainers in underground forums, indicating a
growing trend of financially motivated threat actors targeting
cryptocurrency users and services. The rising value of
Solana’s native cryptocurrency, SOL, has likely contributed to the
surge in CLINKSINK activity. Furthermore, the CLINKSINK source
code’s apparent leakage could enable unrelated threat actors
to conduct independent draining operations or establish their own
DaaS offerings. Related Reading: Top 8 Crypto Trends That Will
Dominate The Market In 2024: Analyst As the value of
cryptocurrencies continues to rise, Mandiant predicts an increase
in financially motivated threat actors conducting drainer
operations. The ease of access and potential profitability of
these campaigns make them an attractive prospect for cybercriminals
of varying levels of sophistication. Cryptocurrency users and
investors are urged to exercise caution and employ robust security
measures to protect their digital assets. Increased awareness and
vigilance within the cryptocurrency community will be crucial in
mitigating the risks posed by the CLINKSINK drainer and similar
threats. Featured image from Shutterstock, chart from
TradingView.com
Mina (COIN:MINAUSD)
Historical Stock Chart
Von Sep 2024 bis Okt 2024
Mina (COIN:MINAUSD)
Historical Stock Chart
Von Okt 2023 bis Okt 2024