The Ultimate Guide to Preventing Drainware Attacks

A wallet drainer is a tool capable of completely draining all assets from a crypto wallet. Hackers use this tool to steal funds. Let's look at a quick guide to preventing these types of attacks.

How it Works

There are two phases of a drainware attack: private key theft and the wallet drain phase.

Hackers usually access private keys through phishing attempts. The phishing email will look completely legitimate and lead to a fake web page that's nearly identical to the real one.

The fake page will even have proper SSL certificates that pass most email filters.

Their goal is to gain access to the mnemonic phrase. Once the victim types in the phrase, the fake web page will display some sort of "error". 

From there, the hacker has already moved to Phase Two: wallet draining. 

The scammer takes the stolen mnemonic phrase and runs the wallet drainer with it. 

Wallet drainers simulate an actual wallet: they generate keys and multiple addresses under the private key's control. Then they check for any assets held under each address.

For every asset found, the drainer builds and signs a transaction moving the asset to a new wallet.

Skilled scammers create different wallets for each theft. This makes it harder to track funds. 

How to Protect Your Funds

To safeguard yourself from these attacks, be careful when using browser-based wallets.

Never use your wallet-enabled browser for general web browsing. Use a clean tab for your crypto transactions, and a separate tab for your day-to-day browsing.

Most browsers allow you to create separate profiles for different uses. 

Consider using a hardware wallet. It's much harder to leak a private key from a Ledger or Trezor. 

Always check if the wallet URL matches the official address. Phishing pages will be nearly identical. 

If there are any SSL certificate warnings, do not continue. Log off and contact wallet support. If possible, take a screenshot. 

It could be a glitch, but SSL warnings can also indicate that a website has been compromised.

Wrapping Up

Drainware attacks are only started through phishing attempts. So be mindful of what you click and what websites you visit.

A good trick for crypto wallet security is to have a device dedicated to crypto.

Whether that is a computer or an Android phone, pick something that's easily accessible and light on resources. Try not to install anything on it other than crypto software.

You should also create an email dedicated to crypto rather than using a personal email.

It's important to stay in the loop of any new attacks or threats so you can respond quickly.

Sign up for some newsletters and keep some crypto news sites bookmarked.

Check if your favorite exchange is going through any legal changes or updates. Also, see if your crypto wallet is releasing any updates or security patches.
