Cryptocurrency scammers exploit MS Drainer to siphon $59 million: Details


  • Cryptocurrency scammers exploit “MS Drainer” to siphon $59 million in a sophisticated operation targeting 63,210 victims.
  • Scammers utilize Google and Twitter ads with fake versions of popular crypto sites, evading detection through regional targeting and page-switching tactics.

Scammers have orchestrated a sophisticated operation using a cryptocurrency wallet-draining service known as “MS Drainer,” extracting a staggering $59 million from approximately 63,210 victims over the past nine months. The modus operandi involves leveraging Google and Twitter ads to lure unsuspecting users into fake versions of popular crypto sites.

Blockchain security platform Scam Sniffer uncovered the elaborate scheme, revealing that scammers targeted victims with counterfeit versions of well-known crypto platforms, including Zapper, Lido, Stargate, DefiLlama, Orbiter Finance, and Radient. These malicious actors utilized Google Ads, exploiting a variety of tactics to evade detection.

Bypassing Google’s defenses

Despite Google’s auditing systems in place to prevent phishing scams, the scammers employed regional targeting and page-switching tactics to bypass ad audits successfully. This maneuver allowed their ads to sidestep Google’s quality control systems, exposing users to fraudulent schemes.

The scammers further manipulated users through web redirects, creating an illusion of legitimacy by altering URLs. For instance, the scam site “cbridge.ceiler.network” mimicked the correct URL “cbridge.celer.network,” despite the misspelling. During their investigation, Scam Sniffer identified 10,072 fake sites utilizing MS Drainer.

Investigations into MS Drainer unveiled an unconventional marketing strategy employed by its developer. Unlike typical wallet-drainers that charge a percentage of ill-gotten gains, MS Drainer was sold on forums for a flat fee of $1,499.99. Additional “modules” with enhanced features were offered at varying prices, ranging from $699.99 to $999.99.

X (Twitter) also played an unwitting role in this operation. ScamSniffer reported that six out of nine phishing ads on Twitter promoted MS Drainer, with some posted from verified accounts. The ads utilized themes such as “Ordinals Bubbles,” promoting a limited-edition NFT collection and employed geofencing to target specific regions, further evading detection.

Security implications for users

With these malicious campaigns becoming increasingly sophisticated, users are urged to exercise caution when encountering cryptocurrency-related ads. The prevalence of scams on reputable platforms underscores the need for thorough due diligence before engaging with new platforms or connecting wallets.

In conclusion, the emergence of MS Drainer highlights the evolving landscape of cryptocurrency scams, necessitating heightened vigilance from users and continued efforts from platforms to enhance security measures. Stay informed, stay secure!

Disclaimer. The information provided is not trading advice. Cryptopolitan.com holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional

Share link:

Damilola Lawrence

Damilola is a crypto enthusiast, content writer, and journalist. When he is not writing, he spends most of his time reading and keeping tabs on exciting projects in the blockchain space. He also studies the ramifications of Web3 and blockchain development to have a stake in the future economy.

Most read

Loading Most Read articles...

Stay on top of crypto news, get daily updates in your inbox

Related News

Subscribe to CryptoPolitan