Pink Drainer, a notorious wallet-draining group, has seemingly been given a taste of its own medicine after falling victim to an “address poisoning” scam.
Crypto compliance platform MistTrack drew attention to the attack in a July 7 post to X, saying the hacking group lost 10 Ether (ETH) to the scam, worth around $30,000 at publication, to a fake wallet address in late June.
Speaking to Cointelegraph, MistTrack said an address poisoning scam occurs when an attacker sends small amounts of crypto from a wallet with a similar-looking address to one of the target’s regular wallets, hoping to trick their target into accidentally sending funds to the incorrect wallet.
“Scammers have bots that look for new transactions. Since they can’t crack the code on the whole address, it’s possible to make the first and last few characters look similar to the address being used,” MistTrack said.
“So the scammer is banking on the victim to [copy the] scam address instead of the victim’s original address,” they added.
Related: Angel Drainer targets users with malicious Safe contract: $403K stolen
In this instance, the attackers sent funds from a wallet address bearing an almost identical identifier as Pink Drainer’s previous wallet, something that successfully duped Pink Drainer into sending the fake address a total of 10 ETH by accident.
It comes just a month after a surprise announcement from Pink Drainer on May 17, declaring it would be retiring its services after reaching its stated goal of helping steal over $85 million in crypto assets.
According to Dune Analytics data, Pink Drainer stole $85.3 million in crypto beginning in July 2023.
While Pink Drainer may have halted its operations, there are several other drainer toolkit services, including Angel Drainer, Pussy Drainer and Venom Drainer, that aid nefarious actors in stealing crypto assets.
Magazine — Polkadot’s Indy 500 driver Conor Daly: ‘My dad holds DOT, how mad is that?’