Is Monkey Drainer Contract the Biggest Phishing Business in Crypto Right Now?

Monkey Drainer Contract has been making headlines recently because of its involvement in phishing scams. Over $1M has been stolen using the contract.

Crypto Drainers are smart contracts that scammers use to steal digital assets using phishing pages that impersonate the websites of popular projects. They trick victims into connecting their wallets to the website for minting and then stealing their digital assets.

After the victim connects their wallet with such phishing websites, the crypto drainers contract deceives the victim to transfer their NFTs to attackers. The victims get scammed in the name of free mints or whitelisting access, among other plausible reasons.

There are templates of smart contracts to build a Drainer contract. Usually, amongst the lines of code, the contract contains the following block of code, according to a blog by blockchain enthusiast Eliya Stein. This Solidity function enables the smart contract to transfer digital assets from the victims’ wallets to the attacker’s wallet.


Over $1 Million stolen with Monkey Drainer contract

The on-chain investigator, ZachXBT, reported on Twitter last month that Monkey Drainer stole over 700 ETH in 24 hours.

One of the victims lost 1 Bored Ape Yacht Club NFT, 36,000 USDC, and 12 other NFTs worth $150,000. While another lost crypto worth over $220,000. ZachXBT believes that the total number stolen easily surpasses $3.5M, with that number rapidly increasing by each day.

Monkey Drainer takes a cut of 30%

Most recently, the attackers targeted the Twitter account of Gabriel Leydon, CEO of Limit Break. They asked for access to all the NFTs from the victims’ wallets.  ZachXBT discovered that it was Monkey Drainer doing it. Someone lost 15 WETH and a Mutant Ape Yacht Club NFT on Wednesday.

How to protect yourself from phishing scams?

Generally, such phishing scams are promoted through social media spam campaigns. Victims are lured in the name of the free mints, giveaways, whitelisting access, etc. They will show limited time to create a sense of urgency. As shown in the screenshot below, the Discord account is generally deleted after a few days of running spam campaigns. Please avoid clicking on the links sent as direct messages by strangers on social media platforms.

Source: Discord screenshot

Or they create fake Twitter accounts impersonating influencers, founders, CXOs, or notable projects. They do it with a slight modification in the spelling of the original account. Generally, original projects have blue-tick verification on Twitter. Please check if the account has one before clicking on any links. If not blue-tick, the original account is followed by other well-known Web3 personalities. Please make sure to do some due diligence. Below is the image of one such fake Twitter id of Aptos used to promote phishing attacks.

Phishing airdrop link
Source: Twitter

Sometimes, they run ad campaigns on Google to show their phishing websites on top of the website of the original project to trick the users. For security purposes, the user should verify the spellings in the link before blindly clicking the first search result. It is even better to avoid clicking on the link that mentions “Ad.” Generally, the original link will be just below the Ad links.

Got something to say about the Monkey Drainer contract or anything else? Write to us or join the discussion on our Telegram channel. You can also catch us on Tik Tok, Facebook, or Twitter.

For BeInCrypto’s latest Bitcoin (BTC) analysis, click here.


All the information contained on our website is published in good faith and for general information purposes only. Any action the reader takes upon the information found on our website is strictly at their own risk.