1
Pink Drainer, notorious for having assisted threat actors in stealing funds from crypto owners, reportedly had a taste of its own medicine Sunday after a wallet linked to the notorious scammer group fell victim to an address poisoning attack. Bybit/flickr.com

KEY POINTS

  • The Pink Drainer-linked wallet accidentally sent 10 $ETH to a fake wallet address
  • Pink Drainer announced its retirement from the industry in May after helping siphon $75 million from the crypto sector
  • Another service, Inferno Drainer, has resurfaced after its rival's retirement

A digital wallet linked to Pink Drainer, an infamous wallet-draining group that "retired" from its activities this year, has allegedly fallen victim to an "address poisoning" scam, a cryptocurrency compliance firm said Sunday.

MistTrack reported Sunday that a "scamming the scammer" incident took place, and it appears "an address associated with the Pink Drainer" was the victim of an address poisoning scam – a type of crypto scam wherein the wallet owner is tricked into sending funds to a fake address that looks similar to the address of a wallet the owner is sending funds to.

"Can't say we feel bad for them tho," MistTrack wrote under photos that showed the activity. Based on the images, it appears that the Pink Drainer wallet accidentally sent 10 Ether ($ETH) worth around $29,000 to the fake address.

"Scammers have bots that look for new transactions. Since they can't crack the code on the whole address, it's possible to make the first and last few characters look similar to the address being used. So the scammer is banking on the victim to [copy the] scam address instead of the victim's original address," the MistTrack team said.

News about a Pink Drainer wallet falling victim to other scammers comes over a month after the notorious digital assets draining group announced that it was shutting down since it has achieved its goal.

At the time, Pink Drainer said it was "truly happy to have supported all of you for over a year without any scams, backdooring, or major incidents." Prominent crypto sleuth ZachXBT noted that more than $75 million worth of cryptocurrencies were stolen using the drainer service.

Blockchain security firm Scam Sniffer said some 20,000 people fell victim to security incidents that used Pink Drainer in a year. Last year, the crypto industry lost $53 million to exploiters who used the drainer – 9,000 wallet owners were victimized in the process, one of them losing over $4 million worth of digital assets.

Meanwhile, another wallet-draining service has resurfaced following Pink Drainer's retirement. MistTrack revealed late Sunday that the "Inferno Drainer is active again." A wallet linked to the scammer group transferred 304 $ETH worth over $884,000 based on current prices to SynapseRouter.

Cybersecurity and anti-virus provider Kaspersky noted that drainers used by threat actors today are able to automate most of the work in emptying a victim's wallet. It said one way to avoid falling victim to drainer activity is to store most digital assets in cold wallets and only keep a few in hot crypto wallets.

A sticking point that Kaspersky reiterated is reviewing transactions very carefully. To verify transactions, wallet owners may use companion browser extensions, it said.