Ethereum Wallet Drainer (Monkey Drainer)

Detects the "Monkey Drainer" phishing script kit

References

IOK Rule (edit)

title: Ethereum Wallet Drainer (Monkey Drainer)
description: |
  Detects the "Monkey Drainer" phishing script kit

references:
  - https://twitter.com/zachxbt/status/1584955933452484613
  - https://urlscan.io/result/8540a3f9-ee2e-43b4-aa75-c79379103bb3/
  - https://urlscan.io/result/f5348120-cbbd-4185-b652-89c6cdbaef9d/
  - https://urlscan.io/result/492cecf2-7f52-4f52-8c5a-c78cfb838025/
  - https://urlscan.io/search/#hash%3Ac64e9c818d03878f82b48c2e2778935a1acb3b867e31b1473e19e856cde37b6e
  - https://urlscan.io/search/#hash%3A95c66625ee20f53d542e23dded002b021b24e9d28c3d193a076d45cba4dc8618
  - https://urlscan.io/search/#hash%3A67ad2454feca6eb213f4a70cc588137e6bd21ad95c0eda2709faa2317ff90359

detection:
  chain:
    html|contains|all:
      - <script src="chain-common.js"></script>
      - <script src="chain-bundle.js"></script>

  condition: chain

tags:
  - cryptocurrency
  - cryptocurrency.ethereum
  - threat_actor.monkeydrainer