Consumer Protection Tuesday: What Are Wallet Drainers and How Can You Stay Safe?


Tl;dr: Wallet drainers are malicious scripts or smart contracts that allow scammers to steal all the assets from a victim’s crypto wallet, often in seconds. These threats are becoming more sophisticated and are often hidden behind fake dApps, phishing links, or social engineering schemes. In this blog, we’ll explain how wallet drainers work, what red flags to watch out for, and how Coinbase is helping protect users from these devastating scams.

Consumer Protection Tuesday

This post is part of a weekly Tuesday series at Coinbase about the latest consumer protection and security measures for crypto owners.

At Coinbase, we’re on a mission to help update the financial system to make it safer and more secure. While less than 1% of blockchain transactions are used for illicit activity, and cash remains the preferred medium for illegal transactions, crypto security is always a top priority. Coinbase maintains a robust compliance program, which includes Know Your Customer (KYC) checks, sanctions screenings, suspicious activity reporting, and strong law enforcement partnerships to detect and prevent illicit activity on our platform.

Understanding Wallet Drainers

Cryptocurrency wallet drainers are malicious tools that exploit smart contract permissions to steal tokens and NFTs from a user’s wallet, often immediately after the user unknowingly signs a harmful transaction.

These drainers are often distributed through:

  • Phishing websites disguised as legitimate DeFi projects, airdrops, or NFT collections.

  • Social media impersonations, where scammers pose as influencers or companies promoting giveaways.

  • Compromised Discord and Telegram groups, where fraudulent links are planted in trusted channels.

  • Malvertising, or ads that mimic popular platforms and lead to fake versions of known dApps.

Once a user connects their wallet and signs a malicious transaction, the drainer can execute the transfer of all assets to a scammer-controlled wallet, with no further user interaction required.

Spotting Wallet Drainer Traps

1. Fake or Cloned Websites: Scammers often create pixel-perfect copies of popular platforms. Key warning signs include slight misspellings in the URL or unusual pop-up prompts after wallet connection.

2. Unverified Smart Contracts: If a dApp asks you to sign a contract that is not publicly verified or lacks a clear purpose, stop immediately. Use tools like Etherscan or Polygonscan to verify contracts before signing.

3. Excessive Approval Requests: Some platforms might ask you to grant unlimited access to your tokens. If you see a request that grants access to "ALL" of a token or NFT collection, it’s time to walk away. Use token approval checkers to review and remove high-risk permissions.

4. Suspicious Airdrops or Giveaways: You may receive airdropped tokens that tempt you to connect your wallet to an unknown platform to “claim” or “sell” them. These links often lead to drainer scripts. Don’t interact with tokens or contracts you don’t recognize.

The takeaway: If it sounds urgent, exclusive, or too good to be true—it probably is.

Here’s how to stay protected:

  • Double-check URLs before connecting your wallet.

  • Never sign transactions you don’t understand.

  • Regularly review your token approvals.

  • Stick with verified, reputable dApps and exchanges.
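The "Excessive Approval Requests" warning above, as an added example (not Coinbase's code): a JavaScript check that decodes a transaction's calldata and flags unlimited or whole-collection approvals before signing. The function name inspectApproval, the risk labels, and the sample calldata are assumptions constructed for illustration; the selectors belong to the standard approve and setApprovalForAll functions plus the common increaseAllowance extension.

```javascript
// Added example: classify raw transaction calldata as a token-approval request.
// A selector is the first 4 bytes of keccak256 of the function signature.
const SELECTORS = {
  "095ea7b3": "approve(address,uint256)",           // ERC-20 allowance (ERC-721: one tokenId)
  "39509351": "increaseAllowance(address,uint256)", // common ERC-20 extension
  "a22cb465": "setApprovalForAll(address,bool)",    // ERC-721 / ERC-1155 whole collection
};
const MAX_UINT256 = (1n << 256n) - 1n;

function inspectApproval(calldata) {
  const hex = String(calldata).toLowerCase().replace(/^0x/, "");
  if (!/^[0-9a-f]*$/.test(hex) || hex.length < 8) {
    return { kind: "invalid", risk: "unknown", reason: "not hex calldata" };
  }
  const kind = SELECTORS[hex.slice(0, 8)];
  if (!kind) return { kind: "other", risk: "unknown", reason: "not an approval call" };
  // Both arguments are ABI-encoded as 32-byte words after the selector.
  if (hex.length < 8 + 128) return { kind, risk: "unknown", reason: "truncated arguments" };
  const spender = "0x" + hex.slice(8, 72).slice(24); // address = low 20 bytes of word 1
  const value = BigInt("0x" + hex.slice(72, 136));   // amount, tokenId or bool in word 2
  if (kind.startsWith("setApprovalForAll")) {
    return value === 0n
      ? { kind, spender, risk: "low", reason: "revokes operator access" }
      : { kind, spender, risk: "high", reason: "operator can move every token in the collection" };
  }
  if (value === 0n) return { kind, spender, risk: "low", reason: "zero amount grants nothing" };
  // Treat the top half of the uint256 range as effectively unlimited.
  if (value >= MAX_UINT256 / 2n) {
    return { kind, spender, amount: value, risk: "high", reason: "unlimited allowance" };
  }
  return { kind, spender, amount: value, risk: "review", reason: "bounded: check amount and spender" };
}

// Constructed sample calldata (placeholder spender address, not real transactions).
const SPENDER_WORD = "00".repeat(12) + "11".repeat(20);
const SAMPLE_UNLIMITED = "0x095ea7b3" + SPENDER_WORD + "f".repeat(64);
const SAMPLE_COLLECTION = "0xa22cb465" + SPENDER_WORD + "0".repeat(63) + "1";
const SAMPLE_BOUNDED = "0x095ea7b3" + SPENDER_WORD + (1000000n).toString(16).padStart(64, "0");
const SAMPLE_TRANSFER = "0xa9059cbb" + SPENDER_WORD + "0".repeat(63) + "1";

for (const tx of [SAMPLE_UNLIMITED, SAMPLE_COLLECTION, SAMPLE_BOUNDED, SAMPLE_TRANSFER]) {
  const r = inspectApproval(tx);
  console.log(`${r.kind}: ${r.risk} (${r.reason})`);
}
```

A "review" or "unknown" result is not a pass: calldata alone does not say whether the spender is trustworthy, and an approve call on an NFT contract carries a token ID rather than an amount.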

At Coinbase, your security is our top priority. We’re taking aggressive steps to prevent wallet drainer attacks, including joining industry-wide efforts like the Tech Against Scams coalition to share intelligence and build collective defenses against emerging threats. Still, community education remains the most important factor in scam avoidance. Wallet drainers represent a fast-evolving threat that can empty your assets in moments. But with awareness, smart habits, and trusted tools, you can stay one step ahead.
