Monkey Drainer-linked scammers possibly exposed after an on-chain quarrel

1 year ago

The scammer referred to their pseudonym in a blockchain message exchange, which may have revealed their real identity, according to CertiK.

Blockchain security firm CertiK believes it has found the real identity of at least one scammer allegedly linked to the “Monkey Drainer” phishing scam.

Monkey Drainer is the pseudonym for a phishing scammer(s) that uses smart contracts to steal NFTs through a process known as "ice phishing."

The individual or persons behind the phishing scam have stolen millions worth of Ether (ETH) via malicious copycat nonfungible token (NFT) minting websites to date.

In a Jan. 27 blog, CertiK said it found on-chain messages between two scammers involved in a recent $4.3 million Porsche NFT phishing scam and was able to link one of them to a Telegram account involved in selling the Monkey Drainer-style phishing kit.

Exposing Scammers

CertiK investigators uncovered 2 scammers, Zentoh and Kai, behind the Monkey Drainer kit

This kit is sold to prospective scammers who are looking to steal user funds using Ice Phishing

Who was involved and how? Let's see

— CertiK (@CertiK) January 28, 2023

One message showed a person referring to themself as “Zentoh” and to the person who stole the funds as “Kai.”

Zentoh was seemingly upset at Kai for not sending over a portion of the stolen funds. The message from Zentoh directs Kai to deposit the ill-gotten gains “at our address.”

An on-chain message from a person referring to themselves as “Zentoh,” upset they didn’t receive a share of phished funds from a person they address as “Kai.” Image: CertiK

CertiK deduced the associated wallet was the address that received the $4.3 million in stolen crypto. The firm added there is a “direct link” between the associated wallet and “some of the most prominent Monkey Drainer scammer wallets.”

The wallet address tied to Zentoh is in turn tied to many addresses linked to the Monkey Drainer scam. Image: CertiK

Zentoh revealed in another message that the pair used Telegram to communicate. CertiK found an exact match for the pseudonym on the messaging app and identified it “to be running a Telegram group that sells phishing kits to scammers.”

The company found many other online accounts possibly linked to Zentoh, including one on GitHub that posted repositories for crypto drainer tools.

If the links between the accounts are legitimate, it reveals the identity of a French national living in Russia.

Cointelegraph reviewed accounts possibly related to the individual and found public accounts that seemed to be interested in cryptocurrencies. Cointelegraph contacted the individual but did not immediately receive a response.

Cointelegraph will not publish the name of the individual due to privacy concerns.

Crypto wallet-draining phishing scams have unfortunately been used to great effect recently.

The co-founder of the Moonbirds NFT collection, Kevin Rose, fell victim to such a scam that led to over $1.1 million worth of his personal NFTs being stolen.

The crypto wallet of the influencer known on Twitter as “NFT God” suffered a similar fate after they downloaded malicious software from a Google Ad search result, with ETH and high-priced NFTs pilfered from the wallet.
