Bitget App
Trade smarter
Open
HomepageSign up
Bitget>
News>
$538M stolen by drainers: ETH & SOL wallets unite with real-time phishing blocks

$538M stolen by drainers: ETH & SOL wallets unite with real-time phishing blocks

CryptoSlate2025/10/23 06:00
By: Gino Matos
SOL+0.66%ETH+2.92%

SEAL, the nonprofit security organization that has disrupted crypto drainer operations since late 2023, launched a real-time phishing defense network on Oct. 22 in partnership with MetaMask, WalletConnect, Backpack, and Phantom.

The coalition deploys Verifiable Phishing Reports technology, which enables users to submit cryptographically attested evidence of malicious sites, thereby bypassing the manual review bottleneck that allows drainers to rotate infrastructure faster than defenders can respond.

According to CertiK reports published throughout the year, roughly $538 million was stolen by phishing attacks as of Sept. 30. This estimate excludes the $1.4 billion exploit against Bybit in February.

The collaboration addresses an escalation cycle in which drainers adapted to each mitigation.

When SEAL accelerated updates to eth-phishing-detect, drainer operators rotated landing pages more frequently.

When infrastructure providers blocked abusive hosting, drainers migrated to offshore bulletproof services. When SEAL implemented automated scanning via its Phishing Bot, drainers deployed cloaking and anti-fingerprinting measures to evade detection.

The result was an arms race weighted toward attackers, who retained the initiative while defenders struggled to validate submissions at scale.

Verifiable Phishing Reporter changes the engagement model. Users submit reports containing the exact content served by a suspected phishing site, accompanied by a TLS attestation that proves the content was not forged.

SEAL processes these submissions in real time without manual triage, circumventing cloaking techniques that hide malicious payloads from automated scanners.

The coalition pipes validated reports into an end-to-end detection system that blocks phishing domains and risky contract interactions across participating wallets, turning localized intelligence into network-wide protection.

Ohm Shah, security researcher at MetaMask, stated:

“Drainers are a constant cat and mouse game like most of security, working alongside SEAL and their independent researchers it allows wallet teams like MetaMask to be more agile and apply SEAL’s research to practice effectively throwing a wrench at the drainer’s infra.”

Derek Rein, CTO of WalletConnect, added that the partnership expands protections for WalletConnect Certified wallets, which already warn users about known scam sites.

Armani Ferrante, CEO of Backpack, framed the integration as part of the wallet’s mission to make digital asset ownership more secure, while Kim Persson, senior engineer at Phantom, emphasized that domain security and user safety remain core priorities.

Measuring success

The network’s effectiveness might rest on three pillars: fewer users losing funds, faster threat neutralization, and high-quality detections measured against a pre-launch baseline and a matched control.

The primary metric is loss rate per active user, such as dollar-denominated losses to phishing per 1,000 monthly active wallets, which can be estimated from on-chain drainer clusters, victim self-reports, and wallet telemetry.

Speed defines the second measurement tier. Time-to-protect tracks the median and 95th-percentile duration from the first Verifiable Phishing Report to an in-wallet warning or block.

Time-to-neutralize separately measures web vectors, reports to blocklist propagation to site takedown, and on-chain vectors, where reports trigger interception of risky contracts or addresses.

Sustained reductions in these intervals should correlate with lower realized losses.

Coverage and quality form the third pillar. Recall captures the share of known phishing domains and addresses flagged before the first victimized transaction, validated against independent sources and post-incident investigations.

Precision is measured as one minus the false-positive rate, confirmed through subsequent clean TLS attestations and user appeals.

Additional quality checks include the fraction of network actions backed by valid TLS attestations, deduplication rates across reporters, and median domain lifetime after the first attestation.

Behavioral metrics would show whether protections alter user actions. The deflection rate divides the number of warnings that lead to the abandonment of risky actions by the total number of warnings shown, while the blocked-sign rate counts hard-stopped transactions.

The organization invites additional wallets to join the network and encourages security researchers and users to contribute via the Verifiable Phishing Reporter client available on its site.

The post $538M stolen by drainers: ETH & SOL wallets unite with real-time phishing blocks appeared first on CryptoSlate.

Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
PoolX: Earn new token airdrops
Lock your assets and earn 10%+ APR
Lock now!

You may also like

The New Order of AI Generative Development: Deconstructing the Vibe Coding Ecosystem

Vibe Coding is an early-stage project with clear structural growth, strong potential for platform moat, and diverse, scalable application scenarios.

黑色马里奥2025/10/24 02:55
Solo: Building a Web3 Trusted Anonymous Identity Layer Based on zkHE Authentication Protocol

Solo is building a "trusted and anonymous" on-chain identity system based on its original zkHE architecture, which is expected to break through the long-standing challenges...

黑色马里奥2025/10/24 02:53

Trending news

More
1
A $2 Billion "Game of Probability": Is the Prediction Market Approaching Its "Singularity" Moment?
2
Solana Saga phone discontinued after only two years—can the second-generation Seeker avoid repeating the same fate?

Crypto prices

More
Bitcoin
Bitcoin
BTC
$111,276.5
+2.15%
Ethereum
Ethereum
ETH
$3,977.68
+3.35%
Tether USDt
Tether USDt
USDT
$1
+0.00%
BNB
BNB
BNB
$1,140.43
+4.17%
XRP
XRP
XRP
$2.44
+2.02%
Solana
Solana
SOL
$193.38
+4.76%
USDC
USDC
USDC
$0.9998
-0.02%
Dogecoin
Dogecoin
DOGE
$0.1980
+3.17%
TRON
TRON
TRX
$0.3139
-2.79%
Cardano
Cardano
ADA
$0.6527
+3.32%
How to buy BTC
Bitget lists BTC – Buy or sell BTC quickly on Bitget!
Trade now
Become a trader now?A welcome pack worth 6200 USDT for new users!
Sign up now
Trade smarter