Drainer-as-a-Service (DaaS): Unmasking the Dark Web’s Latest Threat
What is Drainer-as-a-Service (DaaS)?
A crypto drainer is a phishing tool crafted specifically for the web3 ecosystem. Rather than stealing passwords and usernames, drainer operators typically pretend to be web3 projects, convincing victims to link their crypto wallets to the drainer and authorize transactions that give the operator access to the wallet's funds. If they succeed, drainers can immediately take users' money directly. Drain operators frequently advertise their fraudulent web3 platforms in Discord groups and on hacked social media profiles.
An overview of DaaS and Crypto Drainers
A crypto drainer is a harmful tool or script created to move cryptocurrency from a victim's wallet to one controlled by an attacker. Drainers began targeting MetaMask in approximately 2021, when they were publicly advertised in secretive online platforms and markets.
However, there are various forms in which drainers and drainer-style attacks can manifest. Malicious smart contracts could have concealed features that activate unauthorized transfers. Alternative types of drains could utilise NFTs or token-triggered schemes to create counterfeit assets, enabling the covert and unauthorized exchange of cryptocurrencies.
Crypto drainers are frequently accessed via a Drainer-as-a-Service approach, where DaaS providers supply cybercriminals with software and assistance in exchange for a portion of the looted money. Some common services provided by a contemporary DaaS platform are
- Turnkey crypto-draining scripts
- Customizable smart contracts
- Phishing kits and social engineering services
- Premium OPSEC or security and anonymity services
- Integration assistance and mixing/obfuscation
- Ongoing updates, maintenance and technical support.
Cryptocurrency draining scripts that are turnkey or ready-to-use are utilized to automate the process of draining cryptocurrency from specific wallets. They are designed to be easy to comprehend and implement, without the need for much prior experience.
See also:What Is Consensus in Blockchain?
The Effects of Crypto Drainers
Tracking the overall amount stolen by crypto drainer scams is challenging due to underreporting. Nevertheless, we can examine the behaviors of the scammers that were first identified by Chainalysis clients as phishing scams and those with comparable actions stored in our records.
We can observe that the quarterly growth rate in value taken by these burglars has surpassed even the value taken by ransomware, a type of crime that we have noticed to be rapidly increasing in recent years.
Also, during 2022 and 2023, most of the stolen funds by drainers were transferred to different DeFi projects like decentralized exchanges, bridges, and swap services as it is simpler and more convenient to move these assets within DeFi compared to Bitcoin.
Quick link:What is Proof of History and How Does It Work?
How to Avoid Crypto Drainers
As cyber criminals using crypto-draining techniques become more advanced, it will be more crucial for both web3 projects and users to integrate multiple security measures to guard against this harmful behavior. Wallet Guard and other Web3 security features can detect scam websites and pages, as well as evaluate potential security threats linked to digital currency wallets.
To avoid being exposed to drainers, individuals can store significant amounts of assets in an offline wallet and only move funds to a hot wallet as necessary. Participants in the ecosystem need to be cautious of links shared in chat rooms or on social media that might not be connected to the official account of a project.
In case a private wallet user must connect to a web3 site they are not familiar with, they can generate a temporary wallet without any assets and link it to the site. In case a drainer steals a victim's assets, the victim has the option to void any unfinished transactions.
Who are the Targets of DaaS Attacks?
DaaS attacks can target a wide range of victims, but certain groups are more vulnerable:
- Individuals: People with limited cybersecurity awareness or weak security practices are prime targets for credential theft and subsequent account takeovers.
- Small Businesses: Small businesses often lack robust cybersecurity measures, making them susceptible to web injection attacks that target their online payment systems.
- E-commerce Platforms: E-commerce sites, especially those with large customer bases and high transaction volumes, are attractive targets due to the potential for large-scale financial theft.
The Impact of Crypto Drainers
Crypto drainers, are increasingly used in the theft of cryptocurrency. However, analysis shows that the quarterly growth rate of funds stolen by crypto drainers has surpassed even ransomware, a rapidly growing category of cybercrime.
Learn More:What is Trap Phishing and How You Can Protect Yourself
Conclusion
Drainer-as-a-Service (DaaS) represents a significant and evolving threat in the Web3 ecosystem, enabling cybercriminals to easily exploit unsuspecting users and siphon off their cryptocurrency assets. As these malicious tools become more sophisticated, both individuals and Web3 projects must adopt stringent security measures to mitigate the risks. This includes using advanced security extensions, storing assets in offline wallets, and being vigilant about the links they interact with online. By staying informed and cautious, the Web3 community can better protect itself against the growing menace of crypto drainers.