Solana Focused Wallet Drainers on the Rise, Security Platforms Warn

Published: Jan 4, 2024
Written By:
Vignesh Karunanidhi
Milk Road Writer

Blockchain security platforms Blockaid and CertiK this week spotlighted escalating threats targeting Solana ecosystems from sophisticated hacking kits dubbed “wallet drainers.” These enable fraudsters to covertly drain wallets after deceiving victims into approving malicious transactions.

Losses are already mounting into the hundreds of thousands of dollars. Additionally, developers are urging vigilance as threats migrate from the Ethereum ecosystem.

Key Details:

  • Drainers evade protections via precision attacks and misleading wallet signature validations.
  • Prominent recent example drained funds after deceiving LessFeesNDgas site visitors.
  • Solana drainer products and services are now offered by portions of Russian fraud communities.

Drainers Exploit Gaps in Wallet Defenses

Drainers manage to establish wallet connections and then manipulate users into approving withdrawal transactions under false pretenses. By perfectly simulating legitimate actions, they bypass risk checks and drain assets without triggering warnings.

A recent successful attempt resulted in the theft of tokens, with SOL drainer services being used to direct victims to the fraudulent LessFeesNDgas platform. Fortunately, wallets enabled with Blockaid remained secure, preventing any malicious communication.

Read more: DYdX Identifies YFI Attacker In Pump And Dump Scheme

Threats Transitioning from Ethereum to Solana

According to Chainalysis, the majority of active token drainers are compatible across different blockchains, with Solana capabilities as an additional feature. However, specialized kits focused on SOL indicate a concentrated effort in testing protections as assets transition between networks.

Brian Carter notes that the largest drainer communities are linked to Russian developers. In addition, as Solana gains traction, attackers are responding by bolstering efforts to siphon funds from hot wallets controlling keys.

Read more: ENS Token Skyrockets 50% As Vitalik Buterin Highlights Its Significance

Carter advises using safeguarding tools and implementing robust protections against signature manipulation. In addition, avoiding suspicious links and communications can prevent exposing credentials.

However, the unpredictability of precision wallet assaults mandates extra vigilance. With losses scaling exponentially, developers must implement layered safeguards, assuming account infiltration. 

Vignesh Karunanidhi

Vignesh has been a seasoned professional in the crypto space since 2017. He has been writing for over 6 years and specializes in writing and editing various types of crypto content, including news articles, long-form pieces, and blog posts, all focused on sharing the beauty of blockchain and crypto.

Vignesh Karunanidhi
Milk Road Writer
Vignesh has been a seasoned professional in the crypto space since 2017. He has been writing for over 6 years and specializes in writing and editing various types of crypto content, including news articles, long-form pieces, and blog posts, all focused on sharing the beauty of blockchain and crypto.