Solana Faces Ongoing Threat as Wallet Drainers Pilfer Over $4M in 30 Days

In a disturbing trend, Solana, which gained prominence after a remarkable rally in December, is grappling with scammers and hackers exploiting its expanding user base. Over the last month, malicious actors successfully drained millions from unsuspecting users, presenting a significant challenge for the network.

Surge in Phishing Scams:

Blockchain security firm Scam Sniffer alerts the public to a surge in phishing scams using wallet drainers, resulting in over $4 million siphoned from more than 4,000 Solana wallets in the past month.

Rainbow Drainer Exploit:

Uncovered on December 16, 2023, during an airdrop phishing incident, the Rainbow Drainer exploit deceived victims with an NFT airdrop guise. Users unknowingly signed a seemingly innocent contract, enabling hackers to drain over $2 million from 2,000 users.

Scam Sniffer analysis of Rainbow Drainer exploit. Source: Dune.

Node Drainer:

Discovered during the Christmas holidays, the Node Drainer remained active, managing to pilfer over $2 million from 2,000 users within a mere two weeks. Stolen assets included significant amounts of BONK tokens, totaling $1 million, alongside other memecoins.

Targeting BONK Holders:

Scam Sniffer suggests that hackers are predominantly targeting BONK holders, capitalizing on the recent surge in the token's popularity.

Absence of Blocklist:

The absence of a Solana ecosystem blocklist to identify and block such NFTs allows scammers to continue their campaigns. The perpetrators have already shifted to a new phishing campaign named MEMEDROP.

Solana's vulnerability to phishing scams and wallet drainers has become a pressing concern, with over $4 million drained in just 30 days. The ongoing exploitation of unsuspecting users, coupled with the absence of a blocklist, emphasizes the need for increased security measures within the Solana ecosystem to safeguard users against evolving phishing tactics.