Security News > 2023 > June > Posing as journalists, Pink Drainer pilfers $3.3M in crypto

According to Web3 anti-scam platform ScamSniffer, miscreants with the Pink Drainer crew posing as journalists from well-known crypto news sources, including Decrypt and Cointelegraph contacted victims and interviewed some of them.

"By analyzing the malicious websites created by Pink Drainer in the past month, we found that many Discord hacks are related to them," the researchers wrote.

In some cases, Discord administrators were told to open what turned out to be a malicious Carl verification - a Carl-bot is a legitimate tool used by Discord members - and to add bookmarks that included malicious code.

A "Drag Me" button on the page contained malicious JavaScript code that steals the user's Discord authentication tokens.

ScamSniffer caught onto Pink Drainer when its on-chain monitoring bots deetected that someone lost almost $320,000 in stolen non-fungible tokens.

The company was able to link that attack to other victims of Pink Drainer.

News URL

https://go.theregister.com/feed/www.theregister.com/2023/06/12/pink_drainer_crypto_scam/