👾Infamous Pink Drainer trapped another victim for $4.4M
In brief ⚡
Infamous Pink Drainer trapped a victim with $4.4M worth LINK token.
Thunder Terminal suffered an exploit due to exploit in third party service resulting in a loss of $242k
Tokens Involved in an exit scam
Sleepless AI
FOMO Fi
Nebula Node
Fake NfPrompt
PIKE Token
Hacks and Scams⚠️
Pink Drainer
Amount of Loss: ~ $4.4M
Analysis
On Dec 28, the #PinkDrainer crypto scammers executed two transactions, conning a victim and stealing $4.4M worth of LINK.
The victim's address is 0xea69653e6dd19789ac15ce5752547a94da8dd4cf.
The fake phishing address used by the scammers is Fake_Phishing269918: 0x8fae6d798ec0a2127f962ce49573492894d2e70e.
The Pink Drainer scammers used two wallets for the transactions: Wallet 1 - 0x63605e53d422c4f1ac0e01390ac59aaf84c44a51 and Wallet 2 - 0x9fa7bb759641fcd37fe4ae41f725e0f653f2c726.
Transaction details can be found at:
Hack Txn1: Link to Etherscan
Hack Txn2: Link to Etherscan
Thunder Terminal
Amount of Loss: ~ $242k
Analysis
Multi-chain crypto trading platform ThunderTerminal experienced an exploit resulting in a loss of approximately $242K (86.56 ETH + 439.12 SOL).
The exploit occurred from Dec 27, 12:11 AM UTC to Dec 27, 12:20 AM UTC.
Less than 1% of wallets were affected, and no desktop wallets were impacted.
The cause of the exploit was a compromised third-party service (MongoDB Atlas) connection URL, allowing the unauthorized execution of withdrawals.
MongoDB company was exploited 8 days prior, leading to leaked data and customer account details.
ThunderTerminal assured the community that team accounts were not compromised, and as private keys were not stored, the attacker couldn't access wallets. The stolen ETH was transferred to Railgun, a decentralized privacy protocol.
Exit Scam
Amount of Loss: ~ $840.6k
Analysis
There has been an uptrend with rugpulls at the end of the year.
The main approach to perform a rug pull is to create a token with the same name as a reputed token.
Here are some of the tokens that are involved in rug pull scams this week
Sleepless AI
FOMO Fi
Nebula Node
Fake NfPrompt
PIKE Token
Explore the Depths of Knowledge: Research Papers, Blogs and Tweets🔖
Tweets
GitHub Repos
Articles
Web3 Community Spotlight🔦
Note - all the respective links has been embedded in the image
Thanks for reading HashingBits! Share a summary of our newsletter on your social media platforms, tag us, and use the #AwareToEarn hashtag, and you could win 10 USDT as a reward! Help us build a safer Web3 ecosystem and have a chance to earn rewards and support our work.