Threats Tagged 'drainer-as-a-service'
View all threats tagged with 'drainer-as-a-service'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'drainer-as-a-service'
Click on any threat for detailed analysis and mitigation recommendations
Crypto Drainers as a Converging Threat: Insights into Emerging Hybrid Attack Ecosystems 0 Cybercriminals are merging traditional malware operations with cryptocurrency-focused attacks, creating hybrid threat ecosystems. Modern crypto drainers have evolved into automated systems capable of extracting assets across multiple blockchains with minimal user interaction, supported by well-developed underground marketplaces offering drainer-as-a-service kits. Two case studies exemplify this convergence: StepDrainer operates as a multichain drainer-as-a-service platform that abuses Web3Modal and smart contract methods across over 20 blockchain networks, using AI-themed lures and polished interfaces to deceive victims into connecting wallets. EtherRAT represents a hybrid Windows implant delivered through trojanized TFTP installers, combining traditional RAT capabilities with blockchain-aware functionality including Ethereum RPC endpoints and embedded wallet addresses. Both threats demonstrate how cryptocurrency theft infrastructure now intersects with mainstream attack surfaces affecting enterprise envir... Join the discussion | AlienVault OTX General | 04/23/2026, 19:25:57 UTC Added: 04/24/2026, 08:51:05 UTC |
Silent Crypto Wallet Takeover Unlimited USDT Approval Exploitation via Trust Wallet QR Code Phishing 0 An active campaign targets Trust Wallet users through malicious QR codes distributed via Telegram, exploiting deep link mechanisms to redirect victims to Netlify-hosted phishing domains. The attack masquerades as a legitimate USDT transfer interface but covertly triggers an ERC-20 approve() transaction, granting unlimited token allowance to an attacker-controlled contract on BNB Smart Chain. This enables persistent fund drainage without further victim interaction. The modular drainer architecture uses config.js for control parameters and main.js for execution logic, with integrated Telegram bot infrastructure providing real-time transaction monitoring. Analysis confirms 52 transaction notifications indicating active exploitation. The campaign employs social engineering through a deceptive dollar-one illusion where victims believe they are initiating small transactions while actually granting unlimited wallet access. Multiple cloned phishing domains demonstrate scalable deployment within a Drainer-as-a-Servic Join the discussion | AlienVault OTX General | 04/15/2026, 17:16:15 UTC Added: 04/15/2026, 17:32:23 UTC |
Showing 1 to 2 of 2 results