Blockchain security firm CertiK believes it has discovered the identity of at least one scammer allegedly linked to the “Monkey Drainer” phishing scam.
Monkey Drainer phishing scammer(s) uses smart contracts to steal NFTs through a process known as “ice phishing”.
The individual or person behind the phishing scam stole millions Ether of Value (Ethereum) To date, through websites that create NFTs (Non Fungible Tokens), which are malicious mimics.
January 27 blogCertiK uncovered on-chain messages between two scammers involved in the recent $4.3 million Porsche NFT phishing scam, linking one of them to a Telegram account involved in selling a monkey drainer-style phishing kit said I could.
Exposed scammers
CertiK investigators found two crooks, Zentoh and Kai, behind Monkey Drainer kits
The kit is sold to scammers who are trying to steal user funds using Ice Phishing.
Who was involved and how?
— CertiK (@CertiK) January 28, 2023
One message revealed that he referred to himself as “Zentoh” and the person who stole the funds as “Kai”.
Zentoh seems angry with Kai for not transferring some of the stolen funds. A message from Zentoh instructs Kai to deposit his ill-gotten gains “at our address.”
CertiK speculated that this joint wallet was the address that received the stolen $4.3 million in cryptocurrency. The company added that there is a “direct link” between the joint wallet and “the wallet of the most famous Monkey Drainer scammer.”
In a separate message, Zentoh revealed that the pair used Telegram to communicate. CertiK found an exact match to the pseudonym on the messaging app, identifying him as “running his Telegram group that sells phishing kits to scammers.”
The company has found many other online accounts that may be linked to Zentoh. Among them was his GitHub account where he posted a repository of cryptocurrency exfiltration tools.
A valid link between accounts reveals the identity of French citizens residing in Russia.
Cointelegraph investigated accounts that may be associated with the person and found public accounts that appeared to be interested in cryptocurrencies. Cointelegraph reached out to the person, but did not receive an immediate response.
Cointelegraph does not disclose the person’s name due to privacy concerns.
Related: Hackers hijack Azuki’s Twitter account, steal over $750,000 in less than 30 minutes
Unfortunately, phishing scams that deplete cryptocurrency wallets have taken their toll recently.
Kevin Rose, co-founder of the Moonbirds NFT collection, fell victim to one of these scams. Valued at over $1.1 million His personal NFT was stolen.
Influencer’s crypto wallet known as “God of NFT” on Twitter suffered a similar fate After downloading malicious software from Google Ads search results and stealing ETH and large NFTs from wallets.
