Overview
Drained $27m so far, ~15k victims. The top 5 victims lost $14m.
~530 phishing sites created, ~170 brands being targeted.
Dune: https://dune.com/scamsniffer/venom-drainer-stats
About Venom Drainer
Venom Drainer first appeared in the announcement of Monkey Drainer claiming to be offline, Scam Sniffer first spotted them on 02-18.
Blur Module
2 days after Scam Sniffer issued a warning about the risk of phishing exploits with Blur bulk listing, they claimed to have implemented a Blur-based phishing module.
Recruit People
Starting from March 20th, they try to recruit people who can send private messages or Tickets to the administrators of the well-known Crypto project Discord to participate in launching phishing campaigns with a 15% cut.
Update
On March 31, they claim to have made $10m in profits
Phishing Sites
Scam Sniffer monitored that venom created more than 540 phishing sites since 02-17.
These phishing sites target more than 170 brands, such as Arbitrum, Blur, zkSync, Optimism, and MetaMask, all of which are among those that have recently had relevant airdrops. Another Circle, USDC experienced a brief drop on March 11. These are potential scamming opportunities for them.
Target Brand | Phishing Sites |
---|---|
Arbitrum | 148 |
Circle | 54 |
Blur | 36 |
zkSync | 31 |
Optimism | 22 |
Shibarium | 21 |
GPT | 18 |
Trust Wallet | 16 |
Collab.Land | 11 |
MetaMask | 10 |
Memes 6529 | 10 |
Doodles | 9 |
Aptos | 8 |
adidas Originals | 8 |
Rocket Pool | 6 |
Uniswap | 6 |
Layer Zero | 6 |
NFT Paris | 5 |
RTFKT | 5 |
Sui | 5 |
Floki | 5 |
Lens Protocol | 5 |
Mask Network | 5 |
Mocaverse | 4 |
art blocks | 4 |
View More: https://lookerstudio.google.com/reporting/9f17f931-ff15-4af1-baf7-0c89c4953310
Stolen Stats
Cause $27m lost so far, ~15k victims. And most stolen assets are ERC20 tokens.
The top 5 victims lost $14m:
Victim | Stolen |
---|---|
0x82287cdda3d1b5d26d49ce03280d07b86d54fe54 | $4,096,559 |
0xf6b6f07862a02c85628b3a9688beae07fea9c863 | $3,779,468 |
0x1963ad313f41044a9a48397f31d21bc6a3b4c643 | $2,970,769 |
0xfab576ff46bd27b095a4eee4a293ecb0c41d5a85 | $2,156,659 |
0xc53f38ae0b009bea9c96fd32767f4e4cbf10ffb6 | $1,244,878 |
View More: https://dune.com/scamsniffer/venom-drainer-stats
Phishing Methods
ERC20 – Permit / Approve
Obtain the victim’s approval through Permit or Approve, and transfer user ERC20 tokens on the chain.
Here is the case of trick users approving their token’s approval to the scammers.
NFT Listing – Seaport / Blur
Trick users to sign malicious NFT listings, these malicious listing contains a lower listing price, and usually, it will be zero. once the user sign that, their NFTs could be transferred by the listing signature. they support protocols like Seaport and Blur right now.
In the end, thanks @tay for asking about Venom Drainer which leads us to start analytics how’s stats of them, and thanks @IM_23pds @zachxbt @bax1337 for the data review!
About Scam Sniffer
Scam Sniffer is an anti-scam platform that combined off-chain and on-chain monitoring data to provide real-time anti-scam protection for web3 users.
We’ve helped well-known platforms protect their users and are committed to making web3 secure for the next billion users.