×
A powerful documentary on how Bitcoin and blockchain are reshaping money, power, and geopolitics—from El Salvador’s Bitcoin experiment and Europe’s regulatory revolution to the rise of decentralized finance and the new global financial order.
A new, insidious wallet-emptying scheme has made its appearance in the crypto underground environment, increasing the pressure on an ecosystem already grappling with an unstoppable wave of phishing attacks.
On 9 November, SlowMist founder Yu Xian announced that his team had identified a growing number of victims linked to a group known as Eleven Drainer. According to Xian, it is a new 'phishing-as-a-service' operator that has become increasingly active in recent weeks.
His observations indicate that the operators are expanding their reach and refining their techniques, prompting SlowMist researchers to examine whether the group has introduced more advanced exploitation methods.
The Black Market of "Phishing-as-a-Service" Expanding
Eleven Drainer joins a crowded landscape of professional "draining" service providers, such as Angel and Inferno Drainer. In recent years, this industry has flourished because it allows fraudsters to conduct large-scale malicious operations with minimal effort.
These phishing 'kits' provide everything an attacker needs, including website replicas, deceptive social media accounts, smart contract scripts, and automated workflows.
In return, the operators pocket a percentage of the stolen funds. As a result, these malicious actors have become the backbone of modern phishing crypto campaigns. In 2024, drainers were responsible for an estimated $494 million in losses, a 67 per cent jump from the previous year.
The User's Discipline: The Only True Defence
Despite the increasing sophistication of these groups, security specialists emphasise that user behaviour remains the weakest point in most incidents.
According to them, attackers leverage hasty decisions and misleading requests. In addition, they employ social engineering tactics to convince users to sign off on asset withdrawals without noticing the warning signs.
Xian emphasised this reality, noting that "there is not much to mention about defence" beyond disciplined online behaviour. His advice follows a clear logic: always avoid unfamiliar websites, scrutinise every wallet signature request, and refuse to approve transactions under pressure.
Read Next
Hack Trust Wallet at Christmas: $7 million stolen
A critical bug in Trust Wallet's Chrome extension caused the theft of around $7 million in crypto. Here's what happened, who is at risk, and how to protect your funds.
Solana withstands record 6 Tbps DDoS attack
Solana overcame one of the largest DDoS attacks in history without downtime, marking a breakthrough in network resilience.
North Korean Hackers Steal $300M with Fake Crypto Meetings
Cyber criminals linked to North Korea embezzled over $300 million from the crypto sector using fake video meetings, compromised Telegram accounts and advanced malware.
Hack on WeChat involves the co-founder of Binance
The Binance co-founder's WeChat account was hacked to push the Mubarakah meme coin in a pump-and-dump scheme.