Hacking group Pink Drainer strikes again, pilfering $4.4M from just 1 victim


The crypto hacking group known as “Pink Drainer” has been tied to a massive $4.4 million theft of LINK tokens from a single victim — who was somehow tricked into signing an “Increase Approval” function. 

According to on-chain data, the victim was drained of a total of 275,700 in Chainlink (LINK) — currently worth $4.33 million — across two transactions within a minute of signing the “Increase Approval” transaction.

Around 68,925 LINK was transferred to a wallet labeled on Etherscan as “PinkDrainer: Wallet 2,” while another 206,775 LINK was sent to an address ending “E70e.”

Speaking to Cointelegraph, blockchain security firm Scam Sniffer confirmed the recent theft was related to Pink Drainer, but said it remains unclear how the victim interacted with the phishing website. Scam Sniffer added it had identified at least 10 Pink Drainer scam sites in the last 24 hours.

“This is a typical attack where the victim happens to have a lot of assets,” the firm added.

List of Pink Drainer scam websites identified in the last 24 hours. Source: Scam Sniffer

Blockchain investigator ZachXBT noted the stolen funds have since been sold for Ether (ETH) and are currently being laundered through “instant cryptocurrency exchange” eXch.

Pink Drainer has been associated with several Discord and Twitter hacks in the past year, including Evomos, Pika Protocol, OpenAI chief technology officer Mira Murati, and Orbiter Finance.

The group has also been behind a spate of scams that involved them impersonating crypto journalists.

Related: $3M of crypto stolen on Christmas Day — MS Drainer scammers fleece victims

In June, Scam Sniffer found that approximately $3 million had been stolen by Pink Drainer over 1,932 victims.

As of Dec. 19, that number has risen to $18.7 million across 9,068 victims, according to data from Dune Analytics.

Magazine: DeFi’s billion-dollar secret: The insiders responsible for hacks