A sophisticated phishing scheme involving the infamous crypto-hacking organisation Pink Drainer has led to the loss of $4.4 million in Chainlink (LINK) tokens. The lone victim of the cyberattack was tricked into signing a transaction related to the ‘Increase Approval’ feature, a common practice in the cryptocurrency community that lets users restrict the quantity of tokens that can be transferred by another wallet. This move made it possible for the unlawful transfer of 275,700 LINK tokens in two different transactions to occur without the victim’s knowledge.
The tokens were drained in two transfers, according to crypto-security platform Scam Sniffer. 68,925 LINK tokens were first transferred to a wallet identified by Etherscan as “PinkDrainer: Wallet 2.” One address that ended in “E70e” received the remaining 206,775 LINK tokens. ZachXBT, a well-known cryptocurrency investigator, revealed that the pilfered money was promptly exchanged for Ethereum (ETH) and laundered using the eXch platform, hence increasing the complexity of tracking down the assets.
The Pink Drainer group was involved in this theft, according to Scam Sniffer’s investigation, albeit it’s still unknown how exactly the victim was forced to approve the token transfer. In the last 24 hours alone, the platform has discovered at least 10 new scam sites associated with Pink Drainer. Recognised for their prominent assaults on social media sites like Discord and Twitter, the organisation has been connected to events including Pika Protocol, Orbiter Finance, and Evomos. They were also connected to a scam earlier this year that had them posing as cryptocurrency journalists and stole almost $3 million from over 1,932 victims. According to Dune Analytics’ most recent statistics, Pink Drainer’s operations have intensified. The total damages incurred thus far reach $18.7 million, impacting 9,068 victims.
