# Frequently Asked Questions ### Q: What is a crypto drainer? **A:**\ A crypto drainer is a malicious script designed to exploit user interactions with dApps and wallet providers. When a victim connects their wallet (e.g., MetaMask, Phantom, Trust Wallet), the script hijacks the provider and intercepts transaction requests. With just a single approval, it triggers a signed operation — using methods like `sign`, `permit`, `approve`, or `transferFrom` — to drain tokens and native coins across 90+ blockchain networks. The attack happens in one transaction, fully automated, and mimics legitimate dApp behavior. The user sees no obvious anomaly. All stolen assets are sent directly to your assigned wallet. Each operation targets **one network at a time** (EVM, Solana, TON, TRON, etc.), but the drainer supports rapid deployment across multiple chains. *** ### Q: Once connected, can we drain again later? A:\ Yes. After a user approves a contract, the allowance remains active until manually revoked. This means you can drain funds multiple times - even days or weeks later - as long as the approval is still valid and the user hasn’t disconnected or reset their wallet session. (EVM only) *** ### **Q: How can I buy a crypto drainer?** **A:**\ Access to Quark Drainer is granted exclusively through the [Admin Panel](https://account.quarklab.app/). After completing the purchase, you’ll receive immediate access to the full toolkit - including the drainer script, landing templates, smart contracts, and configuration panel. You cannot access the panel without a valid license. *** ### Q: What exactly is included in the Quark Drainer package? **A:**\ You receive a complete, self-hosted toolkit: * **Frontend**: 400+ pre-built landing templates (airdrops, NFT mints, exchange clones) * **Backend**: Node.js-based server with logging, cloaking, and Telegram integration * **Smart Contract**: Optional gasless approval & transfer logic (for EVM) * **Admin Panel**: Full control over domains, modals, notifications, and logs * **Source Code**: Clean, modular, and auditable (no backdoors) * **Setup Guide**: Step-by-step installation (under 20 minutes) All files are delivered via encrypted ZIP upon purchase. *** ### Q: How do I install and deploy Quark Drainer? **A:**\ Start by configuring everything in the Admin Panel - set your wallet, modal, Telegram bot, and cloaking. Once configured, export the files and deploy the frontend to your domain. Run the backend on your server (`node server.js`) and point the frontend to your API. The Admin Panel can also be self-hosted for full independence. No dependency on our infrastructure required. Full instructions are included. Support is available if you hit edge cases. *** ### Q: Which networks and wallets does it support? **A:**\ Supports **90+ networks**, including Ethereum, BSC, Polygon, Arbitrum, zkSync, Solana, TON, TRON, Avalanche, Base, Linea, Scroll, and more. **Wallets**: * **EVM**: MetaMask, Trust Wallet, Coinbase, Binance, WalletConnect (\~480 wallets) * **Solana**: Phantom, Solflare, Ledger, Coin98, MetaMask * **TON**: Tonkeeper, Telegram Wallet, DeWallet * **TRON**: TronLink, BitKeep, TokenPocket Full compatibility with tokens, NFTs, and major DEXs via `permit`, `multicall`, and contract exploits. *** ### Q: Can I use my own landing page? **A:**\ Yes. You can: * Replace any template with your custom HTML/CSS/JS * Inject the drainer script into any App/Site/Bot * Use our **Modal Builder** to match the design Ensure the script loads before wallet interaction. *** ### Q: How do I avoid detection and blocking? **A:**\ Use **cloaking** + **opsec**: * Use **aged domains** * Deploy behind **Keitaro + HideClick Cloaca** or **TrafficArmor** * Serve clean pages to bots, drainer to real users * Use **Qubes OS + Whonix** for admin access * Rotate domains *** ### Q: Is there anti-bot or cloaking built in? **A:**\ Yes. The backend includes: * **IP filtering** (datacenters, known scrapers) * **User-Agent validation** * **Bot detection** via behavioral analysis * **Cloaking triggers** (detect crawlers, serve blank page) For full protection, pair with other anti-bots. *** ### Q: Can I customize the modal window? **A:**\ Yes. Choose from: * Standard, RainbowKit, WalletConnect v2/v3 * Venus, Jupiter, Spirit Extended, Moon, Mercury etc * Custom colors, logos, loader text (via builder) All modals are optimized. *** ### Q: Do you offer updates and support? **A:**\ Yes. All buyers get: * Lifetime access to updates * Priority Telegram support (response <2 hrs) * Private community (140+ members) * Weekly template drops and bypass methods {% hint style="success" %} We actively maintain the codebase to bypass new security patches. {% endhint %} *** ### Q: How do I clean and cash out stolen funds? **A:**\ We do **not** provide laundering services directly, but we recommend: 1. Cross-chain hop via **Paraswap** or **Thorchain** 2. Swap to **Monero (XMR)** via **Sideshift.ai** or **SwapSpace** 3. Cash out via **non-KYC exchange** or [**physical delivery**](/quark-lab/useful-info/coin-washing-and-cleaning-guide.md#option-b-physical-cash-delivery) (for >$100K) Never deposit raw funds to Binance/Kraken. *** ### Q: Can I host it myself? **A:**\ Yes. You can deploy on: * Your VPS (Debian + Nginx + SSL) * Cloud (AWS, GCP, Hetzner) * Serverless (Vercel, Netlify) We do not host for users, but we guide setup. *** ### Q: What if I get blocked or banned? **A:**\ Blocks happen. Here’s how to respond: * Rotate domains and IPs * Update templates * Change modal type * Adjust cloaking rules We provide **bypass strategies** in the private group. *** ### Q: How do I get real-time notifications? **A:**\ Integrate your **Telegram bot**: 1. Create a bot via [@BotFather](https://t.me/BotFather) 2. Get your `API Token` and `Chat ID` 3. Enter both in the Admin Panel 4. Enable alerts for: * Wallet connect / disconnect * Network change * Successful drain * Rejected signature All logs sync to Telegram and the panel. *** ### Q: Is the source code safe? Are there backdoors? **A:**\ The full source code is provided for transparency, allowing you to audit every component - frontend, backend, and smart contracts. There are no obfuscated binaries or remote dependencies that could hide malicious behavior. While we assert that no backdoors are present, you should **verify the code yourself** before deployment. Security depends not only on the code but on your operational environment: hardening your server, isolating access, and protecting credentials. Remember: any system exposed to the internet can be compromised if misconfigured. Always run the panel and backend behind proper access controls, firewalls, and ideally, within an isolated network (e.g., via Qubes OS or Whonix). Trust, but verify. *** --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://quarklab.gitbook.io/quark-lab/frequently-asked-questions.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.