A wallet drainer is a malicious website, script, or smart contract flow designed to steal assets from a user’s wallet. It often tricks users into signing approvals, transfers, or permissions that give attackers access to tokens or NFTs.

Drainers usually appear behind fake airdrops, fake mints, fake support pages, fake presales, fake claim portals, or impersonated project websites.

How drainers trick users

  • They copy a real project’s branding.
  • They create urgency with limited-time claims.
  • They ask users to connect a wallet.
  • They trigger a signature or approval request.
  • They move assets after the user grants permission.

Important: connecting a wallet is not always the dangerous part. The dangerous part is often what the site asks the user to sign or approve afterward.

Approvals and signatures

Some wallet prompts are normal. But malicious prompts can request broad token approvals or permissions that allow a contract to move assets. Users should read wallet popups carefully and avoid approving unknown contracts.

How to reduce risk

  1. Use official links only.
  2. Do not trust airdrop links from random messages.
  3. Read the wallet prompt before signing.
  4. Use a separate wallet for testing unknown sites.
  5. Review and revoke suspicious approvals when needed.

Why this matters

Wallet drainers are effective because they abuse speed, excitement, and carelessness. The defense is boring but powerful: slow down, verify the source, and understand what the wallet is asking you to sign.

End of record

Build judgment before taking action.

Eonwell is designed to help users understand wallets, DEXs, tokens, presales, and on-chain safety before they click, connect, approve, or send.

Back to Safety Open Safety Guides