In recent months, concern has been growing within the Solana network over the rise of malicious activities known as wallet “drainers,” as reported by the blockchain security firm Chainalysis. The network has gradually become a more attractive target for cybercriminals as the price of SOL, Solana’s native cryptocurrency, rose a staggering 400% in the last three months.
The firm’s research reveals that one of the largest online communities dedicated to these “draining” activities has over 6,000 members. These “drainers” are malicious kits designed to facilitate cyber theft, especially through phishing scams. Brian Carter, a senior intelligence analyst at Chainalysis, emphasizes the versatility of the most successful kits, which can be adapted to target various assets using different methods.
🚨 SOLANA WALLET DRAINER
We have detected a new Solana wallet drainer kit being actively distributed. This is targeted at popular meme coins such as Bonk, Jupiter, Chonky, Galactic Geckos & dogwifhat.
Our browser extension is now proactively blocking these websites. pic.twitter.com/59VVuUa2eI
— Wallet Guard (@wallet_guard) December 29, 2023
The investigation pointed out a clear connection to Russia and a small community of developers offering these kits, with much of the documentation written in Russian. Although there is a large community focused on Solana, most kits are not exclusively limited to this network, as they are flexible and capable of targeting other assets.
/2 These drainers are highly sophisticated and can deceive the simulations used by Solana wallets, leading users to unknowingly sign malicious transactions. https://t.co/I2kPQl7U3Z pic.twitter.com/QIbGfEVN4z
— Blockaid (@blockaid_) January 2, 2024
Chainalysis Recommendations to Prevent Attacks
In response to this growing threat, the recommendation is to use security tools such as Wallet Guard, which has recently implemented specific protections against Solana “drainers.” Phishing through malicious links is also highlighted as a common attack vector: cybercriminals often exploit users’ fear of missing out by spamming decentralized finance communities with links to seemingly legitimate but fraudulent websites.
The proliferation of Solana draining kits has surged significantly since December of last year, when they began to be offered in private hacker chat groups and on the dark web for as little as $250 per month, according to CertiK, another blockchain security firm. These kits are designed to deceive users through phishing scams, convincing them to enter wallet details on fake websites. With security taking on greater importance, it is crucial for the user community to stay vigilant and employ appropriate protection measures to safeguard their digital assets.