Nearly $3M in crypto stolen in new Pink Drainer phishing attacks

Hacking operation Pink Drainer has exfiltrated nearly $3 million worth of Mainnet and Arbitrum digital assets from 1,932 Twitter and Discord accounts compromised through phishing attacks involving the impersonation of journalists, reports BleepingComputer. OpenAI Chief Technology Officer Mira Murati, Steve Aoki, Orbiter Finance, Pika Protocol, Starknet ID, LiFi, and others have been targeted by Pink Drainer's social engineering attacks, which involved threat actors masquerading as Cointelegraph or Decrypt journalists looking to conduct interviews with the targets, according to a ScamSniffer report. Victims have been told about the need for know your customer validation before being redirected to sites with Discord authentication token theft capabilities, which would later facilitate account hijacking. Threat actors then establish themselves as account admins to enable digital asset and information exfiltration, while compromised accounts with significant following have been leveraged to promote fraudulent giveaways, phishing pages, cryptocurrency scams, and fake mints, said researchers, who urged increased vigilance amid the attacks.