Solana">Solana cybercriminals have a new strategy in their theft playbook – creating customized “vanity” wallet addresses to seem legitimate. After netting over $900,000 worth of SOL, wallet draining scammers now generate addresses intentionally ending in “11111” to pose as credible.
Researcher Scam Sniffer revealed this deceptive move as drainers infiltrate communities around Solana, Ethereum, and Tron with fake token airdrops. By spoofing sites like Phantom and DappRadar, they dupe victims into connecting wallets and unknowingly signing away funds.
Now adding believable-looking addresses to their scams suggests drainers are upping sophistication to ensnare more users. The move also follows a growing drainer-as-a-service model where operators sell scripts to affiliates for a 20% cut of heists.
As DeFi protocols expand on Solana and elsewhere, hackers craft more advanced techniques to cash in. Generating vanity addresses to appear valid underscores the mounting threat to average crypto adopters. Remembering “if it seems too good to be true…” holds especially vital when tempting airdrops arise.
