Fraudsters Rent Out Malware: A New Trend in Crypto Crime
Date: 2025-04-24 Author: Gabriel Deangelo Categories: BUSINESS
AMLBot has reported a new phenomenon in the cybercrime industry related to cryptocurrency theft: malware developers, known as drainers, have begun renting out their tools in a SaaS-like fashion. This scheme is called Drainer-as-a-Service (DaaS) and makes criminal activity much more accessible to a wide range of users.
For $100 to $300, novice attackers receive a full “starter pack” that includes all the necessary tools. The package includes an infrastructure with a control panel, a domain for masking, solutions for hiding digital traces, fake documents for passing KYC, and access to hacked or new accounts on social networks such as Telegram, Discord, and X.
Drainer creators benefit by expanding their network of clients and forming a sustainable criminal community. As Slava Demchuk, CEO of AMLBot, explained, previously, participating in such schemes required advanced technical knowledge, but with the advent of the DaaS model, the process has become almost as simple as in other forms of cybercrime.
The search for clients occurs both through the darknet and through open channels on social networks, including groups with phishing schemes. Particularly alarming was the fact that some malware developers began to promote their services publicly - up to setting up stands at specialized conferences, such as CryptoGrab.
Thus, malware rental turns cybercrime into a subscription model, where anyone can access dangerous tools for a relatively small fee. Experts emphasize that such accessibility poses a serious threat to the security of the Web3 environment.
According to Chainalysis, the crypto industry suffered losses from fraud in the amount of at least $9.9 billion in 2024, and the spread of DaaS-type models only worsens the situation.
