JAKARTA - Crypto fraudsters are increasingly sophisticated and cunning in stealing digital assets from unwary users. They used a phishing tool called 'Walket Drainer' to drain victims' crypto wallets in seconds.

Phishing is an online fraud technique that mimics official websites or services to lure users into entering personal information or access credentials. In crypto cases, phishing usually targets crypto wallets, namely applications or devices used to store and send digital assets.

According to data from Scam Explorer, a platform that protects Web3 users from fraud, a 'Wallet Drainer' phishing tool has been used in a series of scams through Google searches and X ads since March 2023. It managed to steal nearly $58 million (IDR 898 billion) from more than 63,000 victims in nine months. The biggest theft occurred in September 2023, where a victim lost $24 million (IDR 372 billion) in one transaction.

Most of these scams target MetaMask users, popular crypto wallets used to interact with decentralized apps (dApps) on Ethereum. Fraudsters create fake websites that mimic MetaMask or dApps connected to MetaMask, such as OpenSea or Uniswap. They then attract users to visit the website via ads or links that appear in Google search results.

When users click on the ad or link, they will be directed to a phishing website asking them to connect their MetaMask wallet. If the user approves the request, the 'Wallet Drainer' phishing tool will automatically send all crypto assets in the victim's MetaMask wallet to the fraudster's address. This process takes place very quickly, so the victim doesn't have time to cancel or prevent transactions.

Security researchers recently discovered the same attack in directed ads on popular social media networks. This repackaged fraud model migrated from search to social media to attract more attention. The security team analyzed account data over the past nine months and linked more than 10,072 fraudulent websites to these scammers networks, often disguised as well-known crypto brands.

The scammers arrange their steps and tactics over time to maximize success and avoid protection filters. Their tricks include deploying fraudulent sites to various global regions and exchanging legitimate brand URLs for behind-the-scenes phishing sites.

This allows them to target victims at certain locations while showing non-suspicious sites to inspectors or security services inspecting other areas. This fraud network always adapts to new conditions so that it avoids authorities who track fraudulent activities on the internet several times.

It is important to note that 'Wallet Drainer', commonly called MS Drainer, can be available on various forums. Unlike other fully managed and charged Drainer Wallets, MS Drainer offers its source code for purchase and can provide modules and additional features at an additional cost.

This shows that illegal activities on the internet such as phishing scams can develop over time and escape the attention of the government. So crypto users need to be more vigilant and careful in protecting their digital assets especially when using social media.


The English, Chinese, Japanese, Arabic, and French versions are automatically generated by the AI. So there may still be inaccuracies in translating, please always see Indonesian as our main language. (system supported by DigitalSiber.id)