A phishing group stole $59 million in crypto from social network users


The cybercriminal group behind the MS Drainer malware, together with its partners, has stolen almost $59 million from users of the social network X (formerly Twitter) since March 2023. This data was shared by ScamSniffer researchers who studied the phishing empire of the MS Drainer developers.

In particular, they found that the cybercriminals use about 10 thousand phishing websites. Their victims were approximately 63 thousand users of the social network X. Advertisements leading to these sites were targeted at holders of cryptocurrency assets. After clicking on such an advertisement, the user was taken to a site where they were deceived into approving malicious contracts.

This made it possible for the attackers and their partners to automatically carry out unauthorized transactions and withdraw funds from cryptocurrency wallets. The MS Drainer software itself is essentially a malicious smart contract and, in effect, a full-fledged phishing system.

Even so, the MS Drainer source code can be purchased for only $1,500. The buyer must then pay 20 percent of each illegal cryptocurrency transfer made possible by the software. Additional modules that add new functions to MS Drainer can also be purchased. Their cost varies from 500 to 1000 dollars.

ScamSniffer data shows that the person who suffered the most from MS Drainer was the owner of an Ethereum wallet, from whom $24 million worth of cryptocurrency was stolen. In all other cases, from 440 thousand to 1.2 million dollars was taken from the wallet owners. At the same time, the malware is also promoted on Google using advertising tools. Typically, these ads are served using keywords associated with DeFi platforms: Zapper, Lido, Stargate, Defillama, Orbiter Finance and Radiant.