Zelcore

Drainer Kits in 2026: Anatomy and the Current Landscape


The Franchise Model Nobody Talks About

When a collector loses an NFT collection to a phishing site, the common mental image is a lone hacker in a dark room. The reality is closer to a software franchise. The attacker who ran the malicious site was an affiliate who licensed a drainer kit, paid a 20% revenue share to the kit operator, and deployed ready-made smart contracts and social-engineering templates that came in the package.

Drainer-as-a-service (DaaS) has matured into a fully industrialised malware category with its own economics, competitive market, affiliate networks on Telegram, and product roadmaps. Understanding the landscape is not academic — it is the prerequisite for recognising a live attack before you sign the transaction that empties your wallet.

This article is Part 4 of the NFT Security Masterclass. Parts 1–3 covered the signature types drainers exploit, why hardware wallets partially mitigate blind signing risk, and how to audit and revoke token approvals. This instalment maps the threat at the infrastructure level.


DaaS Economics: The 20% Model

Kit operators set a standard revenue split: affiliates keep 80%, the operator takes 20%. The model creates a scalable criminal business without the operator running a single phishing campaign directly.

The scale of that 20% cut is not theoretical. In 2023, total DaaS losses reached $295 million across roughly 324,000 victims. At the standard cut, operators retained roughly $59 million that year without ever deploying a phishing page themselves. Affiliates sourced the traffic, cloned the sites, and ran the social engineering. The kit provided everything else.

By 2024 the market grew 67% year-on-year: $494 million drained from 332,000 victims. The thirty largest individual thefts that year totalled $171 million, and the single largest — $55.48 million extracted via a setOwner manipulation in August 2024 — illustrates how high-value targets are prioritised when the tooling scales.

2025 showed a sharp contraction: $83.85 million and 106,000 victims, an 83% decline by value. Law enforcement activity, wallet-level countermeasures, and the voluntary retirement of major kits all contributed. The structural model, however, remains intact.


Kit Genealogy: Who Built What

DaaS did not arrive fully formed. A distinct generation of kits emerged through 2022–2024, each with documented victim counts, total hauls, and signature techniques.

Monkey Drainer (2022–early 2023) was among the first kits to demonstrate the franchise model at scale. It extracted roughly $16 million from 18,000 victims before its operator voluntarily retired it in early 2023.

Venom Drainer (January–April 2023) ran for four months and drained $27 million from 15,000 victims. Like Monkey, it exited rather than being shut down by law enforcement — a pattern that repeats across the category.

Inferno Drainer (March–November 2023, relaunched 2024) became the dominant kit of 2023. It extracted $81 million from 134,000 victims across more than 100 branded phishing sites simultaneously active at its peak. Its November 2023 retirement was announced on Telegram. The 2024 relaunch re-entered a more competitive market.

MS Drainer (March 2023 onwards) distinguished itself through an aggressive Google Ads strategy. By purchasing search ads impersonating legitimate protocols, it captured users who typed a project name directly into a search engine rather than clicking a social link. Total extraction reached $59 million from 63,000 victims.

Pink Drainer (March 2023–May 2024) was the kit most associated with Discord server compromises. An attacker would gain moderator access to a legitimate project's Discord, post a fake mint announcement, and funnel the community to a drainer page. Pink also pioneered the EIP-712 numerical address bypass — presenting a raw hexadecimal contract address in a [permit](/academy/nft/nft-signature-types-explained) signature rather than a human-readable name, so that the wallet prompt has nothing more readable to show and a careful user has less chance of recognising what they are approving. Pink retired in May 2024 after extracting $85 million from 21,000 victims.

Angel Drainer / AngelX (March 2023 onwards) is widely attributed to affiliates from the Inferno network, though no primary source has confirmed this directly. It reached $20 million in extracted funds and became a dominant force in 2024: ScamSniffer measured a 42% share of drainer losses in the first half of 2024, and by year-end Angel and Inferno together held roughly 22–23% as AceDrainer took about 20% of the second-half market.

Pussy Drainer (January 2023 onwards, $15 million, 4,000 victims) is notable for generating a 2024 civil lawsuit — one of the rare cases where a developer was identified through on-chain tracing and served with legal action. Kit developer identities are typically pseudonymous; treat civil proceedings as a partial deterrent, not a reliable enforcement mechanism.

The consistent pattern: kits retire voluntarily when operators assess that the risk-to-revenue ratio has shifted. Successor kits absorb the affiliate base immediately. Law enforcement has not shut down a major kit mid-operation.


Chain Expansion Beyond Ethereum

Ethereum remained the primary target in 2024 at $152 million in DaaS losses. But the affiliate ecosystem has expanded systematically:

TON network integration became a strategic priority for several kit operators. The reason is structural: TON is native to the Telegram ecosystem, and Telegram is where DaaS affiliates recruit, communicate, and coordinate. A user receiving a phishing link inside Telegram and completing the transaction inside the same app faces a compressed attack surface with less contextual friction.

Solana has also seen kit support emerge, driven by the NFT and memecoin activity on that chain. Cross-chain expansion is not technically difficult for kit operators — it is a product decision driven by where the liquidity and user activity are.


The Six UI/UX Attack Vectors

Kit sophistication is not primarily in the smart contracts — it is in the social engineering layer. Drainer kits bundle templates, not just code. Six tactics recur across documented campaigns:

1. Fake Mint / Free Claim Pages

The most common vector. A site impersonates a legitimate project's mint event or airdrop. The user connects their wallet expecting to receive an NFT and instead either signs a permit over a token balance or submits a setApprovalForAll transaction; either way the drainer contract ends up with standing access to the tokens. The permit variant is an off-chain signature: it costs the victim no gas and shows nothing on-chain until the drainer cashes the signature in, which removes the friction signal that something unusual is happening.

2. The "Protect Your Wallet" Reversal Trick

Users who have heard that they should revoke approvals are targeted with fake revoke tools. The site presents as a security dashboard. The approval it asks you to sign does not revoke anything — it grants a new approval to the drainer contract. The cognitive reversal is deliberate: the user believes they are taking a protective action.

3. Google Ads Phishing

MS Drainer operationalised search engine advertising at scale. Users searching for a protocol name see a sponsored result that appears identical to the legitimate domain. The ad passes Google's review because the landing page initially loads benign content; the drainer logic activates after the wallet connection. Bookmark legitimate URLs rather than using search engines for navigation to high-value protocols.

4. Discord Server Compromise

Pink Drainer's signature approach. Attackers obtain moderator or admin credentials for a legitimate project's Discord — often via phishing the moderators themselves — and post a time-limited fake mint announcement. Community members trust the channel because it is the official server. The attack window is typically 30–90 minutes before the compromise is detected and the post removed.

5. WalletConnect QR Hijacking

A phishing site presents a legitimate-looking WalletConnect QR code. Nothing has to be tampered with in transit: because the site generated the pairing, it is the dApp side of the session, so every signature or transaction request the wallet receives over the relay is attacker-authored and arrives under whatever dApp name and icon the site chose to declare. This vector is more technically complex and less common but has been observed in targeted high-value campaigns.

6. Transaction Simulation Spoofing

The most technically sophisticated tactic. Modern wallets increasingly display a simulated outcome before you sign, showing which tokens will move and in which direction. Some drainer contracts make the preview and the real execution diverge, typically by branching on chain state that changes between the moment the wallet simulates the call and the block in which the transaction actually lands, so the simulation shows a benign outcome (receiving an NFT, for example) while the executed transaction drains the wallet. A documented case extracted 143.45 ETH ($461,000) from a single victim via this method.


Signature Methods by Frequency (2024)

ScamSniffer's 2024 data shows how drains are technically executed once the social engineering succeeds:

Method               Share of 2024 drains
permit               56.7%
setOwner             31.9%
transfer              4.5%
increaseAllowance     3.5%

permit dominates because it is an off-chain signature — no gas required, no on-chain footprint until the drainer contract submits the resulting transaction. The victim signs what appears to be a costless action. The 31.9% setOwner share is driven partly by the August 2024 $55.48 million theft, which demonstrated that high-value protocol-level attacks can dwarf the aggregate retail phishing losses.

Staking tokens accounted for 40.9% of 2024 losses by asset type, stablecoins 33.5%, and Aave collateral tokens 10.7% — reflecting that attackers target liquid, high-value assets, not speculative NFTs alone.
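The table above is a list of request shapes, and each one can be read before it is signed. As an added example that is not part of the original article or Zelcore's code, the following Python triage routine decodes the two shapes that carry the bulk of the losses, and that sit behind the fake-mint and "protect your wallet" pages in the previous section: an eth_signTypedData_v4 request carrying an ERC-2612 Permit, and an eth_sendTransaction whose calldata calls approve, increaseAllowance, setApprovalForAll, transfer or setOwner. The function selectors are hardcoded from their signatures; the token, router and drainer addresses, the allowlist of trusted spenders and the three sample requests are constructed for the demo and are not real contracts.

```python
"""Triage a wallet signing prompt. Added example, not Zelcore's code; the
addresses, allowlist and sample requests below are constructed placeholders."""
import json
import time

UINT256_MAX = 2**256 - 1
ONE_WEEK = 7 * 24 * 3600
# Selector = first 4 bytes of keccak256("name(argtypes)"). Hardcoded; verify
# each against keccak of its signature before relying on this table.
SELECTORS = {
    "095ea7b3": ("approve", ["address", "uint256"]),
    "39509351": ("increaseAllowance", ["address", "uint256"]),
    "a22cb465": ("setApprovalForAll", ["address", "bool"]),
    "a9059cbb": ("transfer", ["address", "uint256"]),
    "13af4035": ("setOwner", ["address"]),
}

def decode_word(word, typ):
    """Decode one 32-byte ABI word (64 hex chars) of a static type."""
    if typ == "address":
        return "0x" + word[-40:]
    return int(word, 16) != 0 if typ == "bool" else int(word, 16)

def decode_calldata(data):
    """Return (function name, [args]) when the selector is in SELECTORS."""
    data = data[2:] if data.startswith("0x") else data
    sel = data[:8].lower()
    if sel not in SELECTORS:
        return ("unknown:0x" + sel, [])
    name, types = SELECTORS[sel]
    words = [data[8 + 64 * i:8 + 64 * (i + 1)] for i in range(len(types))]
    if any(len(w) != 64 for w in words):
        raise ValueError("calldata too short for " + name)
    return (name, [decode_word(w, t) for w, t in zip(words, types)])

def triage_transaction(tx, trusted):
    """Findings [(severity, text)] for an eth_sendTransaction request."""
    name, args = decode_calldata(tx.get("data", "0x"))
    if name in ("approve", "increaseAllowance", "setApprovalForAll"):
        spender, amount = args
        # approve(x, 0) / setApprovalForAll(x, false) are real revokes; anything
        # else grants rights, whatever the page labels the button.
        if amount is False or amount == 0:
            return [("info", f"{name} revokes {spender}")]
        unlimited = amount is True or amount == UINT256_MAX
        qual = "UNLIMITED access" if unlimited else f"{amount} units"
        sev = "high" if spender.lower() not in trusted else "medium"
        return [(sev, f"{name} grants {qual} on {tx['to']} to {spender}")]
    if name == "transfer":
        return [("high", f"transfer moves {args[1]} units to {args[0]}")]
    if name == "setOwner":
        return [("critical", f"setOwner hands control of {tx['to']} to {args[0]}")]
    return [("high", f"{name}: undecoded calldata, do not sign blind")]

def triage_typed_data(typed_json, trusted, now=None):
    """Findings for an eth_signTypedData_v4 request carrying an ERC-2612 Permit."""
    typed = json.loads(typed_json)
    now = int(time.time()) if now is None else now
    if typed.get("primaryType") != "Permit":
        return [("medium", f"typed data is {typed.get('primaryType')}, review fields")]
    dom, msg = typed["domain"], typed["message"]
    token = dom.get("verifyingContract", "?")
    out = []
    if not dom.get("name"):  # raw-address-only domain: nothing readable to show
        out.append(("medium", f"domain carries no token name, only {token}"))
    spender, value, deadline = msg["spender"], int(msg["value"]), int(msg["deadline"])
    sev = "high" if spender.lower() not in trusted else "low"
    qual = "UNLIMITED" if value == UINT256_MAX else str(value)
    out.append((sev, f"permit lets {spender} spend {qual} of {token}; "
                     "no gas, nothing on-chain until the spender submits it"))
    if deadline > now + ONE_WEEK:
        days = "never expires" if deadline == UINT256_MAX else f"{(deadline - now) // 86400} days out"
        out.append(("high", "deadline " + days))
    return out

# Constructed sample data: placeholder addresses, not real contracts.
TOKEN, ROUTER, DRAINER = "0x" + "aa" * 20, "0x" + "77" * 20, "0x" + "dd" * 20
TRUSTED = {ROUTER}  # the one spender this wallet has decided to trust

def word(v):
    """ABI-encode an int or 0x-address as one 64-hex-char word."""
    return f"{int(v, 16) if isinstance(v, str) else int(v):064x}"

MINT_TX = {"to": TOKEN, "data": "0xa22cb465" + word(DRAINER) + word(1)}          # fake mint
FAKE_REVOKE_TX = {"to": TOKEN, "data": "0x095ea7b3" + word(DRAINER) + word(UINT256_MAX)}
REAL_REVOKE_TX = {"to": TOKEN, "data": "0x095ea7b3" + word(DRAINER) + word(0)}
PERMIT_JSON = json.dumps({
    "primaryType": "Permit",
    "domain": {"chainId": 1, "verifyingContract": TOKEN},   # no "name": Pink-style
    "message": {"owner": "0x" + "11" * 20, "spender": DRAINER, "nonce": 0,
                "value": str(UINT256_MAX), "deadline": str(UINT256_MAX)}})

if __name__ == "__main__":
    for label, req in [("mint", MINT_TX), ("fake revoke", FAKE_REVOKE_TX), ("real revoke", REAL_REVOKE_TX)]:
        print(label, triage_transaction(req, TRUSTED))
    print("permit", triage_typed_data(PERMIT_JSON, TRUSTED))
```

The point of the routine is the two asymmetries the table hides: a revoke and a grant are the same function with a different last argument, so the page's label for the button means nothing, and a permit that never expires and names an unlimited value is a standing grant even though the prompt shows no gas and no transaction.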


Emerging Vector: EIP-7702 and Pectra

The Ethereum Pectra upgrade (live on mainnet in May 2025) introduced EIP-7702, which lets an externally owned account delegate its execution to a smart contract. The account signs an authorization over (chain id, delegate address, nonce); a new transaction type carries that authorization, and from then on calls to the account run the delegate's code. The delegation is not one-shot: it stays in force until the account signs a replacement authorization (one pointing at the zero address clears it). The security implication: an attacker can present a single signature request that, once a transaction carrying it is submitted (typically by the attacker, who pays the gas), installs draining logic into the victim's account and executes it atomically. ScamSniffer flagged early EIP-7702 drainer variants in Q4 2025.

This is a structural shift. Previous drainer methods required either a prior approval or a series of signed messages. EIP-7702 collapses that into one signed operation. Wallets are adapting their simulation and warning layers, but the threat surface has expanded.
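What makes a 7702 authorization hard to judge is how little it contains. As an added example that is not part of the original article or Zelcore's code, the Python below builds the exact bytes an EIP-7702 authorization signature covers, 0x05 followed by the RLP encoding of [chain_id, address, nonce], and applies a wallet-side policy to a requested authorization: refuse chain id 0 (valid on every chain), flag a nonce that means someone else will submit the transaction, refuse an unknown delegate, and recognise the zero-address delegation that clears an earlier one. The RLP encoder is a minimal one written for this example; the known-delegate allowlist and the two sample authorizations are constructed placeholders. The wallet signs keccak256 of the preimage, which is not computed here because keccak is not in the Python standard library.

```python
"""Inspect an EIP-7702 authorization before signing it. Added example, not
Zelcore's code; the delegate allowlist and sample authorizations are constructed."""

MAGIC = b"\x05"                  # domain-separation byte defined by EIP-7702
ZERO_ADDRESS = "0x" + "00" * 20

def _length_prefix(n, offset):
    if n < 56:
        return bytes([offset + n])
    n_bytes = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([offset + 55 + len(n_bytes)]) + n_bytes

def rlp_encode(item):
    """Minimal RLP for ints (big-endian, zero = empty string), bytes and lists."""
    if isinstance(item, int):
        return rlp_encode(b"" if item == 0 else item.to_bytes((item.bit_length() + 7) // 8, "big"))
    if isinstance(item, (bytes, bytearray)):
        if len(item) == 1 and item[0] < 0x80:
            return bytes(item)
        return _length_prefix(len(item), 0x80) + bytes(item)
    body = b"".join(rlp_encode(x) for x in item)
    return _length_prefix(len(body), 0xC0) + body

def authorization_preimage(chain_id, delegate, nonce):
    """Bytes the signer commits to: MAGIC || rlp([chain_id, address, nonce]).
    The wallet signs keccak256 of this. Note what is absent: no value, no
    recipient, no calldata. The delegate address is all there is to inspect."""
    addr = bytes.fromhex(delegate[2:])
    if len(addr) != 20:
        raise ValueError("delegate must be a 20-byte address")
    return MAGIC + rlp_encode([chain_id, addr, nonce])

def check_authorization(auth, wallet_chain_id, wallet_nonce, known_delegates):
    """Wallet-side policy for a requested authorization {chainId, address, nonce}."""
    chain_id, delegate, nonce = auth["chainId"], auth["address"].lower(), auth["nonce"]
    out = []
    if chain_id == 0:
        out.append(("high", "chain_id 0: the authorization is valid on every chain"))
    elif chain_id != wallet_chain_id:
        out.append(("high", f"authorization targets chain {chain_id}, wallet is on {wallet_chain_id}"))
    # A self-sent 7702 tx consumes nonce N for the tx itself, so its authorization
    # carries N+1. An authorization at the current nonce N is meant to be submitted
    # by someone else: the signer pays no gas and never sees a transaction prompt.
    if nonce == wallet_nonce:
        out.append(("info", "nonce matches current nonce: a third party will submit this"))
    elif nonce != wallet_nonce + 1:
        out.append(("medium", f"nonce {nonce} is neither {wallet_nonce} nor {wallet_nonce + 1}"))
    if delegate == ZERO_ADDRESS:
        out.append(("info", "delegation to the zero address clears the current delegation"))
    elif delegate not in known_delegates:
        out.append(("critical", f"delegates execution to unknown code at {delegate}; "
                                "stays in force until replaced by another authorization"))
    else:
        out.append(("low", f"delegates to known implementation {delegate}"))
    return out

# Constructed samples: placeholder addresses, not real contracts.
KNOWN_DELEGATES = {"0x" + "ee" * 20}          # e.g. an audited smart-account implementation
DRAINER_CODE = "0x" + "ba" * 20
MALICIOUS = {"chainId": 0, "address": DRAINER_CODE, "nonce": 7}
CLEAR = {"chainId": 1, "address": ZERO_ADDRESS, "nonce": 8}

if __name__ == "__main__":
    print(authorization_preimage(MALICIOUS["chainId"], MALICIOUS["address"], MALICIOUS["nonce"]).hex())
    for auth in (MALICIOUS, CLEAR):
        print(check_authorization(auth, wallet_chain_id=1, wallet_nonce=7, known_delegates=KNOWN_DELEGATES))
```

The preimage is 25 bytes for a mainnet authorization: the magic byte, a list header, the chain id, the 20-byte delegate and the nonce. There is no amount and no recipient for a wallet to warn about, which is why the delegate allowlist and the chain-id and nonce checks carry the whole decision.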


Law Enforcement: Operations Spincaster and Atlantic

Two coordinated operations mark the maturation of the law enforcement response.

Operation Spincaster (July 2024, Chainalysis-led) quantified approval phishing cumulative losses at $2.7 billion since May 2021. The operation produced 7,000+ investigative leads, involved 12 agencies, 17 exchanges, and 6 countries, and identified $162 million in at-risk or recently drained funds. No major kit operators were arrested, but the operation demonstrated that on-chain tracing can map the affiliate network even when operators remain pseudonymous.

Operation Atlantic (April 2026, UK NCA + US Secret Service + Ontario Provincial Police + Ontario Securities Commission + Chainalysis) froze $12 million, identified $45 million in traceable flows, and attributed losses to 20,000+ victims. At the time of publication this is the largest coordinated DaaS-specific enforcement action by victim count.

The structural constraint on enforcement remains: kit operators in permissive jurisdictions, affiliate decentralisation, and the voluntary retirement pattern mean that takedowns of infrastructure are rare. The deterrence model depends on tracing individual high-value transactions back to identifiable off-ramp points — a slow process against an ecosystem that moves fast.


What Actually Stops a Drain

The kit landscape is sophisticated. The countermeasures are not complicated, but they require habits, not one-time actions.

  1. Revoke before you are compromised, not after. Audit your active approvals regularly. An approval granted six months ago to a protocol you no longer use is a standing invitation.

  2. Hardware wallets reduce but do not eliminate risk. A hardware wallet shows you the transaction or message on a display the host computer cannot alter, where a software wallet shows whatever the (possibly compromised) browser renders. It does not make a malicious permit signature safe; it makes the data visible so you can read it. Reading it is the work you have to do.

  3. Never sign a permit on a site you navigated to from a link. Bookmark protocols. Type URLs directly. Google Ads and Discord links are the primary distribution channels. Remove them from your workflow.

  4. Distrust urgency. Time-limited mints, "act in the next 10 minutes" messaging, and exclusive access claims are the kit's social engineering layer. The time pressure is manufactured to prevent you from pausing to verify.

  5. Verify Discord announcements out-of-band. If an announcement in a project's Discord prompts a wallet action, check the project's official Twitter/X account and website before connecting. Compromised Discords are detected and cleaned up — but not before the damage window closes.

  6. Treat simulation output as advisory, not authoritative. Transaction simulations can be spoofed. If the simulated outcome seems too good — receiving an NFT for free, for example — the simulation may be lying. Reject and investigate.

  7. Keep high-value assets in a cold wallet that never connects to dApps. The drainer kit cannot drain a wallet that has never signed a permit. Separation of custody by use case is the structural defence that no kit can bypass. A full custody architecture is covered in the personal custody plan.
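Step 1 above asks for a regular approval audit. As an added example that is not part of the original article or Zelcore's code, the Python below replays a wallet's Approval and ApprovalForAll event logs (the same data an eth_getLogs query returns) into the set of (token, spender) pairs that still hold rights, oldest first, so a six-month-old grant surfaces at the top. The event topic hashes are the standard ERC-20 and ERC-721 ones; the owner, token and spender addresses, block numbers and log entries are constructed for the demo. Replaying events is an upper bound: some tokens spend allowance without emitting Approval, so each candidate should be confirmed with an allowance() call before acting on it.

```python
"""Replay Approval / ApprovalForAll logs into the set of approvals still open
for one owner. Added example, not Zelcore's code; the log entries, addresses
and block numbers below are constructed."""

# keccak256 of the event signatures, as emitted by ERC-20 / ERC-721 tokens.
APPROVAL = "0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925"
APPROVAL_FOR_ALL = "0x17307eab39ab6107e8899845ad3d59bd9653f200f220920489ca2b5937696c31"
UINT256_MAX = 2**256 - 1

def topic_to_address(topic):
    """Indexed address parameters are left-padded to 32 bytes in topics."""
    return ("0x" + topic[-40:]).lower()

def address_to_topic(addr):
    return "0x" + "00" * 12 + addr[2:].lower()

def standing_approvals(logs, owner, head_block):
    """Return the (token, spender) pairs that still hold rights, oldest first.

    Later events override earlier ones per (token, spender), so an approve(x, 0)
    after an unlimited approval correctly drops x. This is an upper bound only:
    tokens that spend allowance without emitting Approval leave the replayed
    value too high, so confirm each candidate with an allowance() call.
    """
    state = {}
    for log in sorted(logs, key=lambda entry: (entry["blockNumber"], entry["logIndex"])):
        sig = log["topics"][0].lower()
        if sig not in (APPROVAL, APPROVAL_FOR_ALL):
            continue
        if topic_to_address(log["topics"][1]) != owner.lower():
            continue  # someone else's approval
        key = (log["address"].lower(), topic_to_address(log["topics"][2]))
        state[key] = {"kind": "operator" if sig == APPROVAL_FOR_ALL else "allowance",
                      "amount": int(log["data"], 16), "block": log["blockNumber"]}
    open_rights = []
    for (token, spender), s in state.items():
        if s["amount"] == 0:
            continue  # revoked, or setApprovalForAll(x, false)
        open_rights.append({"token": token, "spender": spender, "kind": s["kind"],
                            "amount": s["amount"],
                            "unlimited": s["kind"] == "operator" or s["amount"] == UINT256_MAX,
                            "age_blocks": head_block - s["block"]})
    return sorted(open_rights, key=lambda r: -r["age_blocks"])

def _log(block, idx, token, sig, owner, spender, data_int):
    """Build one log entry in the shape eth_getLogs returns (constructed)."""
    return {"blockNumber": block, "logIndex": idx, "address": token,
            "topics": [sig, address_to_topic(owner), address_to_topic(spender)],
            "data": "0x" + f"{data_int:064x}"}

# Constructed history for OWNER; placeholder addresses, not real contracts.
OWNER = "0x" + "11" * 20
OTHER = "0x" + "22" * 20
TOKEN_A, TOKEN_B, TOKEN_D = ["0x" + h * 20 for h in ("aa", "bb", "dd")]
SPENDER_X, OPERATOR_Y, SPENDER_W = ["0x" + h * 20 for h in ("f1", "f2", "f3")]
LOGS = [
    _log(50, 0, TOKEN_D, APPROVAL, OWNER, SPENDER_W, 1000),           # small, old, still open
    _log(100, 3, TOKEN_A, APPROVAL, OWNER, SPENDER_X, UINT256_MAX),   # unlimited...
    _log(150, 1, TOKEN_B, APPROVAL_FOR_ALL, OWNER, OPERATOR_Y, 1),    # NFT operator, open
    _log(200, 0, TOKEN_A, APPROVAL, OWNER, SPENDER_X, 0),             # ...then revoked
    _log(900, 2, TOKEN_A, APPROVAL, OTHER, SPENDER_X, UINT256_MAX),   # not our wallet
]

if __name__ == "__main__":
    for r in standing_approvals(LOGS, OWNER, head_block=1000):
        print(r)
```

Two entries survive the replay: the small ERC-20 allowance from block 50 and the NFT operator grant from block 150; the unlimited approval on TOKEN_A disappears because the later approve(x, 0) overrides it, and the other owner's approval is filtered out by the indexed owner topic.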

The industrialisation of drainer kits means that the social engineering is now as polished as any legitimate product's UX. The attack succeeds when the victim cannot distinguish between a legitimate signing request and a malicious one in the time pressure of a live mint. The defence is procedural discipline applied before the moment of pressure arrives.


Further Reading

NFT Scams and Wallet Drainers

Wallet drainer kits, signature phishing, Discord hijacks, and address poisoning have industrialized NFT theft. Here is how the attacks work and how to defend.

Hardware Wallets: What They Actually Protect Against — and What They Don't

A clear-eyed threat model: what a secure element defends against, what it doesn't, and how to build self-custody habits that don't depend on false confidence.

Your Attack Surface: Phishing, Clipboard Hijackers, Fake Apps, and SIM Swaps

A practical catalogue of the top attacks on self-custody users — address poisoning, clipboard malware, fake wallet apps, and SIM swaps — with concrete mitigations for each.
