Thursday, November 7, 2024
Home > News > Bitcoin News > Wallet drainer moves funds to Tornado Cash

Wallet drainer moves funds to Tornado Cash

Crypto security firm CertiK has warned that a known wallet drainer has moved funds into sanctioned crypto tumbler Tornado Cash.

In a May 27 alert, CertiK stated that two externally owned addresses (EOAs), 0x546 and 0x108, deposited 20 ether (ETH) with a market value of $36,473 into Tornado Cash.

Source: CertiK on Twitter

Per the alert, the funds came from a wallet drainer, a malicious file that automatically moves crypto from the wallets of unsuspecting visitors to phishing sites.

While CertiK claimed the address from which the funds originated was a known wallet drainer, it did not reveal any past exploits associated with it.

Scammers post phishing link Nahmii Discord channel

It was not the only alert CertiK issued over the weekend, as hackers and exploiters kept up their attacks on crypto platforms.

The on-chain security company also alerted users to a fake token airdrop link posted on layer-2 (L2) protocol Nahmii’s Discord channel. CertiK cautioned Nahmii users from clicking on the link, which it claimed led to another known wallet drainer.

Source: Twitter
Source: CertiK on Twitter

Nahmii is an L2 protocol on Ethereum that provides transactions for decentralized applications (dApps). It uses a hybrid consensus mechanism that combines proof-of-stake (PoS) and proof-of-transfer (PoT) to achieve finality and security.

Its native NII token is used for staking, governance, and settling fees on the network. CertiK advised Nahmii users to refrain from clicking on any links until the Nahmii team confirmed regaining server control.

CertiK also attracted crypto users’ attention to a fake Refund (RFD) airdrop allegedly promoted on Twitter by @Arnoldty_eth, an account with over 8,000 followers.

Source: Twitter
Source: ArnoldTY on Twitter

The account promoting the alleged scam posted instructions on how to claim the RFD airdrop, which included entering a website that CertiK claimed connected to a phishing contract, 0x146.

Lately, crypto scammers have used active crypto Twitter accounts to knowingly or unknowingly promote phishing scams.

On May 26, hackers took over a popular Twitter account, @steveaoki, and used it to push a fake airdrop that caused unsuspecting users to lose over $170,000. Other accounts, such as @eth_ben, exacerbated the scam, unwittingly pushing the fake promo and getting it seen by even more people.


Follow Us on Google News



Source