Search our database of flagged domains. Check if a website is a scam, phishing, or legitimate.
How This Attack Works
Solana Drainer threats exploit vulnerabilities in Solana's crypto ecosystem to steal funds. Understanding their operation is crucial for prevention.
STEP 1
Target Identification
Attackers identify potential victims through phishing emails and fake websites.
STEP 2
Phishing Execution
Victims are lured to malicious sites mimicking legitimate platforms, like phantomairdrop.com.
STEP 3
Credential Harvesting
Once on the fake site, victims input sensitive information, believing it to be secure.
STEP 4
Fund Drainage
Attackers utilize harvested credentials to access wallets and drain funds via illicit transactions.
Technical Analysis
Solana Drainer attacks leverage phishing techniques to exploit the Solana blockchain. Attackers often create copycat websites using top TLDs such as .com, .xyz, and .cc, with domains hosted by registrars like Cloudflare, Inc. and PDR Ltd. These sites employ deceptive JavaScript and HTML code to mimic legitimate interfaces, tricking users into entering their private keys or seed phrases. Once credentials are obtained, attackers interact with the Solana blockchain via RPC calls to execute unauthorized transactions. The usage of smart contract functions like `transfer` and `approve` allows attackers to swiftly move funds out of victims' accounts. The infrastructure often involves a network of proxy servers to obfuscate the origin of the attack and make tracing back to the perpetrators difficult.
Real Cases
Phantom Wallet Breach (2023)
$2 million stolen
Attackers created a fraudulent Phantom wallet site to harvest user credentials, resulting in a $2 million theft.
SolUnion Scam (2024)
$1.5 million stolen
Using the domain phantom.solunion.cc, scammers executed a sophisticated phishing attack, stealing $1.5 million in SOL.
VaultBenefits Exploit (2024)
$3 million stolen
A fake airdrop campaign via vaultbenefits.net led to credential compromise and a subsequent $3 million drain.
How to Detect
Unsolicited emails or messages offering free SOL or airdrops
Websites with slight misspellings of legitimate names
Requests for private keys or seed phrases
Suspicious URL structures or unfamiliar TLDs like .xyz or .cc
Lack of HTTPS security on sites claiming to be secure
How to Protect Yourself
1
Verify URLs carefully before interacting
2
Enable multi-factor authentication on your wallet
3
Never share your private key or seed phrase
4
Regularly check transaction histories for unauthorized activity
5
Use official wallet apps and browser extensions
Frequently Asked Questions
Data sourced from PhishDestroy threat intelligence database — 2,238 domains tracked for this threat type
Solana Drainer 2,238 domains


swcfundcoin-airdrop.live


trumpworldliberty.com


vhqck.work


vwa.x-co.in


wlfi-drop.fun


wormholesolana.web.app


www-berts.network


www.sol-galaxy.cc


www.solanaskr.com


66362.tax


78418.tax


84563.club


90197.tax


air.solgalaxy.cc


billy.allocportal.icu


bitfinex.kids


breakpoint.onspace.app


claim-nanj.click


claim-phantom.com


claims-tiktok.xyz


crydex.solplanet.cc


dappmirror.web.app


deadguy.soldex.trade


deep-sols.com


etoro.icu


events-1coin.xyz


ice.solhq.cc


jitoback.com


jitofund.com


join-xerisol.xyz


jup-token.world


jupboost.cc


jupiterchecker.top


jupiterchristmas.top


juppiter.cc


look.soldex.trade


met.allocation.live


metcoin.run


mete0ra.xyz


meteora-ag.tech


multidapps.webspro.xyz


niggaliquid-drop.fun


online-jup.com


ore-assets.xyz


ore.distribution.finance


penguin.coincap.cc


phantomopp.icu


phantompc.vercel.app


phantomwallets.blogspot.hu


phantomwalletx.blogspot.com.by


phantomwalletx.blogspot.com.es


promotions.ppsmotors.co.in


pumpx.cfd


punchcoin.org


raydium-solana.world


raydium-summary.xyz


rayiumrevenues.com


rosscas.xyz


scansolanaspin.com


sol-blast.com


sol-claim2026.com


solana-network.pro


solana2mix.to


solanateam.icu


soldappsauth.xyz


solfalre.github.io


solflare.co.com


sollspin.com


solprismdapp.xyz


troll-live.xyz


trumpsolana.org


uptober4.us


usorcoin.top


wallettconnect.com


wlficoin.top


www-vote.usor-events.com


www.strategic-solana-reserve.com


70232.my


74801.academy


75701.club


76511.loan


79700.tax


app.meteora.bz


app.rneteora.org


app.sol-hyperliquid.live


bc-game-wallet.ws


bifrostgov.web.app


bsolef.com


bullx-trading.com


buy-wallet.today


claim.recali.life


confirmed-sol.biz


curecancercoin.com


dropgate.fun


events-fogswap.xyz


events-kaio.xyz


gain.sol-galaxy.cc


jffgagamdf.top


jitogo.xyz