"What Are 'Drainer Smart Contracts' and Why Is the FBI Warning of Them?"

The FBI urges potential Non-Fungible Token (NFT) buyers to look out for malicious websites that use "drainer smart contracts" to secretly steal from cryptocurrency wallets. The websites pose as outlets for legitimate NFT projects with new offerings. They are promoted by compromised social media accounts belonging to known NFT developers or accounts designed to appear as if they belong to such developers. Posts attempt to provoke a sense of urgency by using phrases such as "limited supply" or referring to the promotion as a "surprise." FBI officials noted in an advisory that the spoofed websites invite victims to connect their cryptocurrency wallets and purchase the NFT. The victims connect their cryptocurrency wallets unknowingly to a drainer smart contract, transferring their cryptocurrency and NFTs to wallets operated by criminals. From there, the criminals typically launder the stolen assets through a series of cryptocurrency exchanges or other services that mix them with others' assets to cover the path and destination of the stolen NFTs. Smart contracts are a form of computer code that executes a transaction or agreement, typically involving the transfer of digital assets. Criminals often use smart contracts with flaws or loopholes that allow them to transfer millions of dollars in assets from one or more parties entering the agreement. This article continues to discuss the FBI's warning about drainer smart contracts. 

Ars Technica reports "What Are 'Drainer Smart Contracts' and Why Is the FBI Warning of Them?"