We are currently undergoing maintenance. Some features may be temporarily unavailable.
ChainAnalyzer
Feb 5, 2026

Drainer Detection - Known Wallet Drainer & Phishing Scanner

ChainAnalyzer now includes wallet drainer detection. Using our ScamDB, it automatically detects tokens and addresses associated with known wallet drainers and phishing sites. This feature was born from the ChainAnalyzer developer's own firsthand experience as a drainer victim.

The Origin Story

On February 9, 2026, the ChainAnalyzer developer fell victim to a wallet drainer in a Discord community. A fake airdrop link (solland.cc) was posted from an account with an admin badge. After connecting a Phantom wallet and signing a transaction, SOL was immediately drained to address 7kMpie...j1eL26.

While the loss was 0.093 SOL (~$7.95), the same drainer had stolen $3,700+ in total, laundering funds through DEX swaps and anonymous exchanges. This experience became the founding motivation for ChainAnalyzer.

What is ScamDB?

ChainAnalyzer's ScamDB is a database of verified scam information. It integrates with a community risk database API to automatically cross-reference known dangerous tokens and scam projects. The developer's own incident (SCAM-001) is registered as the first entry.

Detection Targets

  • C2: KNOWN_SCAM_TOKEN - Tokens flagged as "danger" in the risk database (CRITICAL -30 points)
  • Phishing site associations - Detect connections to known drainer addresses
  • Fake airdrop patterns - Tokens associated with FCFS and Claim-type phishing schemes

Common Phishing Patterns

  • Fake airdrops - "Claim" buttons that request wallet connection, then drain SOL upon signing
  • Admin impersonation - Compromised Discord accounts with admin badges posting fake links
  • Redirect techniques - Legitimate-looking domains that redirect to drainer sites
  • System Program Transfer - Disguising drain transactions as simple transfers to trick approval

How to Protect Yourself

  • Always scan tokens with ChainAnalyzer before purchasing
  • Never click "Claim" links from airdrop announcements outside official channels
  • Verify link safety even when posted by accounts with admin badges
  • Always review transaction details before signing
  • Build a habit of fact-checking with tools rather than relying on authority

Risk Classification

Tokens registered in ScamDB are classified as CRITICAL risk. A 30-point deduction is applied to the risk score, and an immediate warning is displayed. This detection uses the risk database and is available on the free plan without any API keys.

© 2026 ChainAnalyzer. All rights reserved.