Scammers stole a staggering $494 million in cryptocurrency through wallet drainer attacks in 2024.
According to BleepingComputer, these attacks targeted more than 300,000 wallet addresses, marking a sharp 67% increase in stolen funds compared to 2023. Interestingly, the number of victims barely changed – up by just 3.7%. This suggests that victims were holding significantly larger sums of cryptocurrency than before.
The insights come from Scam Sniffer, a web3 anti-scam platform that has been monitoring wallet drainer activity for some time. The platform previously flagged attack waves that impacted as many as 100,000 people in a single sweep.
So, what exactly are wallet drainers? Essentially, they are phishing tools designed to siphon cryptocurrency or other digital assets from users’ wallets. These tools typically reach victims through fake or compromised websites.
In 2024, Scam Sniffer recorded 30 large-scale thefts – each netting over $1 million. The largest single heist of the year? A jaw-dropping $55.4 million in cryptocurrency, stolen early in the year when Bitcoin’s price surge seemed to fuel phishing activity. In fact, the first quarter alone accounted for $187 million in losses from wallet drainer attacks.
The drama did not end there. In the second quarter, Pink Drainer, a drainer service well known for impersonating journalists and hacking Discord and Twitter accounts, announced its exit. While this resulted in an abrupt drop in phishing activity, scammers recovered in the third quarter. Leading the resurgence was Inferno, a service that caused $110 million in losses during August and September alone.
By the year’s final quarter, activity had slowed, with losses during this period making up just 10.3% of the year’s total. Even so, a new player, Acedrainer, emerged, claiming 20% of the drainer market, according to Scam Sniffer.
Unsurprisingly, Ethereum was hit the hardest – 85.3% of the stolen funds, amounting to $152 million, came from Ethereum-based wallets. Among the most targeted assets were staking funds (40.9%) and stablecoins (33.5%).
As for tactics, 2024 saw scammers becoming increasingly creative. Scam Sniffer observed a rise in the use of fake CAPTCHA and Cloudflare pages, along with the deployment of IPFS to evade detection. Attackers also leaned heavily on specific signature types – 56.7% of thefts used the “Permit” signature, which authorises token spending, while 31.9% relied on “setOwner”, which changes smart contract ownership or admin rights.
Another troubling trend was the use of Google Ads and Twitter ads to drive victims to phishing sites. Attackers exploited compromised accounts, bots, and fake token airdrops to reel people in.
So, how do people stay safe in this high-stakes game? Scam Sniffer recommends using trusted, verified websites and double-checking URLs against official project pages. It’s also a good idea to read transaction prompts carefully before signing anything and simulate transactions to find risks in advance.
In addition, many wallets now include built-in phishing warnings, which users should enable. Also, don’t forget to use token-revoking tools to remove any suspicious permissions.
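To make the “Permit” signature and the advice to read signing prompts concrete, here is an added example (not from Scam Sniffer or the original article) of a check a wallet or browser extension could run on an EIP-712 signing request before the user approves it. It assumes the EIP-2612 `Permit` and Permit2 `PermitSingle` message layouts; `reviewTypedData`, the trusted-spender set and the 24-hour threshold are hypothetical choices, and the sample addresses are placeholders.

```javascript
const MAX_UINT256 = (1n << 256n) - 1n; // "unlimited" for an EIP-2612 value
const MAX_UINT160 = (1n << 160n) - 1n; // "unlimited" for a Permit2 amount
const ONE_DAY = 86400n;                // assumed threshold for a long-lived signature

function toBig(v) {
  try { return BigInt(v); } catch { return null; }
}

// trustedSpenders: Set of lowercase addresses the user has chosen to trust (assumption).
function reviewTypedData(typedData, trustedSpenders, nowSec) {
  const { primaryType, message = {}, domain = {} } = typedData ?? {};
  let token, amount, deadline, cap;
  if (primaryType === "Permit") {               // EIP-2612: the token is the verifying contract
    token = domain.verifyingContract;
    amount = toBig(message.value);
    deadline = toBig(message.deadline);
    cap = MAX_UINT256;
  } else if (primaryType === "PermitSingle") {  // Permit2: the token is named in details
    token = message.details?.token;
    amount = toBig(message.details?.amount);
    deadline = toBig(message.sigDeadline);
    cap = MAX_UINT160;
  } else {
    return { isPermit: false, warnings: [] };
  }
  const spender = String(message.spender ?? "").toLowerCase();
  const warnings = [];
  if (!/^0x[0-9a-f]{40}$/.test(spender)) warnings.push("malformed spender");
  else if (!trustedSpenders.has(spender)) warnings.push("untrusted spender");
  if (amount === null) warnings.push("unreadable amount");
  else if (amount >= cap) warnings.push("unlimited allowance");
  if (deadline === null) warnings.push("unreadable deadline");
  else if (deadline - BigInt(nowSec) > ONE_DAY) warnings.push("long-lived signature");
  return { isPermit: true, token, spender, warnings };
}

// Constructed sample request (addresses are placeholders, not real contracts).
const sampleRequest = {
  primaryType: "Permit",
  domain: { name: "ExampleToken", chainId: 1, verifyingContract: "0x" + "11".repeat(20) },
  message: {
    owner: "0x" + "aa".repeat(20), spender: "0x" + "bb".repeat(20),
    value: MAX_UINT256.toString(), nonce: "0", deadline: "4102444800", // year 2100
  },
};
const trusted = new Set(["0x" + "cc".repeat(20)]);
console.log(reviewTypedData(sampleRequest, trusted, 1735689600));
```

A request that produces any warning should be shown to the user with the spender and amount spelled out rather than as an opaque "Sign" prompt.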