Meet Ledger Nano™ Gen5, the most playful signer yet

Discover now

The most playful signer yet

Meet Ledger Nano™ Gen5

Shop now Learn more

Drainer as a Service (DaaS)

Dec 16, 2025 | Updated Dec 16, 2025
Drainer as a Service (DaaS) is a malicious business model where hackers rent out wallet-draining code to would-be cybercriminals in exchange for a percentage of the stolen funds.

What Is Drainer as a Service?

In the past, running a crypto scam required significant technical skill. A hacker had to write their own malicious code to exploit smart contracts. Unfortunately, the emergence of Drainer as a Service (DaaS) has made this process accessible to any bad actors willing to pay for it, regardless of technical ability.

DaaS providers create ready-to-use “phishing kits” that include everything a scammer needs: fake websites, malicious scripts, and a dashboard to track victims. They then sell these kits to less-skilled criminals via the dark web or in private group chats. While some scammers may charge an upfront fee for the service, others simply take a cut of all the assets stolen using their tool.

This model lowers the barrier to entry for cybercrime, leading to a surge in phishing attacks across the crypto ecosystem.

How Do Crypto Wallet Drainers Work?

Crypto drainers are designed to trick users into signing malicious transactions. That is to say that they “hack” the user using various forms of social engineering in order to trick them into surrendering their assets or downloading malware.

  1. The attacker sets up a fake website, often mimicking a well-known platform or protocol. They then promote this site via spam emails, hacked social media accounts, or direct messaging potential victims on social media.
  2. When a victim connects their wallet to the fake site, the drainer script scans their wallet to see which assets (tokens, NFTs) are most valuable.
  3. The site prompts the user to sign a transaction. This might be disguised as a “Claim,” “Mint,” or “Verify” button.
  4. The transaction is actually a malicious smart contract function. Once signed, it grants the attacker permission to move assets out of the victim’s wallet. The script automatically transfers the funds to the scammer and the DaaS provider.

For more on smart contract scams and how to spot them, read our article on Ledger Academy.

Soulbound Tokens (SBTs)

Soulbound Tokens (SBTs) are a specific kind of NFT that cannot be transferred once assigned to a particular wallet.

Full definition

Virtual Reality (VR)

Virtual reality is a simulated, interactive three-dimensional environment that allows users to experience virtual worlds.

Full definition

Collateralization

Collateralization is the process through which an individual secures a loan using their valuable assets as insurance.

Full definition

Own your crypto future

Stay informed with security tips, updates, and exclusive offers from Ledger

Your email address will only be used to send you our newsletter, as well as updates and offers. You can unsubscribe at any time. Learn more

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.