As per emerging report from Peckshield, a renowned blockchain security firm, a monkey drainer has stolen 7 Cryptopunks and 20 Otherdeed pieces. The stolen assets, as reported, worth about 520 ETH, equivalent to over $824,200. This development thus makes it the second time that the drainer will engage in such atrocity within seven days.
Notably, the increasing rate of exploitations rocking the virtual space has not spared the NFT sphere. In recent times, the sphere witnessed a series of exploitations, involving monkey drainers who usually rob unsuspecting NFTs holders of their collection. According to findings, the drainers achieve this by inflicting phishing attacks, thereby gaining unauthorized access to accounts of holders. In many cases, the exploiter sends phishing mails and usually persuades the unsuspecting holders to open the link attached to the mail. Monkey drainer, for instance, usually initiates fake NFT sites, making them appear like leading blockchain platforms. Afterward, unsuspecting users are made to reveal their private details. By so doing, the attacker get unwarranted access to the wallet of the holder.
Through this technique, exploiters have been able to carry out a series of successful exploitations in the NFT community. Last June, renowned NFT collection Bored Ape Yacht Club (BAYC) lost ETH 200 worth of assets to such exploitation. Also, an NFT influencer Zeneca and NFT registration platform PREMINT were also victims of similar exploitations last July.
Monkey Drainer stole 700 ETH worth of digital assets in October
Regrettably, just last week, monkey drainer stole about 700 ETH ($1 million) worth of crypto and non-fungible tokens (NFTs). The news of the attack was first broken by ZachXBT, an on-chain sleuth. According to ZachXBT, the scammer employed phishing tactics to drain user funds.
As reported, two addresses, identified as 0x02a and 0x626 became identified as biggest victims of the attack. The accounts reportedly lost a total of $370,000 after signing transactions on phishing sites initiated by the monkey drainer. 0x626 alone lost over $6.2 million while the other victim, 0x02a, lost one Bored Ape Yacht Club (BAYC), one CloneX, $36,000 in USDC stablecoin, and 12 other NFTs, equivalent to about $150,000.
Shortly after the reports of the exploitation dominated the airspace, Web3 security network Chainabuse flagged four addresses relating to monkey drainer. According to Chainabuse, victims appear “to have been phished by a fake Aptos Airdrop Twitter account.” The security protocol promised to keep trailing the attacker to ensure the recovery of the stolen assets.