Inferno Drainer Claims Another Victim: $1.28M Lost in PEPE and Altcoins
A cryptocurrency trader lost $1.28 million in a phishing attack linked to the Inferno Drainer toolkit, which exploits malicious transactions to drain digital assets from unsuspecting victims' wallets.
A cryptocurrency trader lost over $1.28M in digital assets on October 14 after signing a malicious transaction associated with a phishing attack in late September.
According to blockchain intelligence firm Arkham , the attack was likely carried out using Inferno Drainer. The phishing-as-a-service toolkit has been responsible for hundreds of millions of dollars in stolen funds.
Phishing Attack Linked to Inferno Drainer Scam Service: How Did Victim Lose $1.28M?
The investor’s wallet, identified as “0xb0b..40c7,” was drained of 108 billion PEPE, 73.8 million APU, and 165,000 MSTR tokens after being tricked into signing a phishing permit transaction.
The method used in the attack is known as an “approval phishing attack,” which allows scammers to gain control of a victim’s wallet and transfer assets.
In this case, the stolen funds were moved across six transactions and distributed to multiple addresses controlled by the attackers.
One of the wallets involved, “Fake_Phishing442846,” was linked to another phishing attack just two weeks earlier, in which over $32 million in spWETH tokens were stolen.
The phishing toolkit enables criminals to create fake websites and applications, tricking users into granting control of their wallets.
Inferno Drainer operates on a subscription model, charging scammers 30% for creating phishing websites and an additional 20% for each successful attack. According to Dune analytics data, the toolkit has facilitated the theft of over $237 million from more than 200,000 victims to date.
Although the developers announced plans to shut down Inferno Drainer in November 2023, the toolkit resurfaced in May 2024, driven by renewed demand from scammers.
Over $127 Million in Cryptocurrency Stolen in Q3 2024
Phishing attacks pose a major threat to crypto investors, with a Chainalysis report estimating losses of $2.7 billion since 2021.
A recent high-profile case saw a venture capital fund lose $35 million in fwDETH tokens, causing a 90% drop in the token’s value.
Over $127 million in cryptocurrencies were stolen in Q3 2024 alone, with approximately $46 million lost in September. Web3 security firm Scam Sniffer reported that about 10,800 victims were affected by phishing attacks that month.
The largest incident occurred on September 28, when a permit phishing attack drained 12,083 spWETH , worth $32.43 million. The primary targets were Ether and other cryptocurrencies like Polygon (MATIC), BNB, and Optimism (OP).
Most phishing incidents stem from malicious links on social media and phishing ads on Google.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Abstract may support ai16z’s Eliza codebase when it launches its mainnet next January
German parliament passes Financial Market Digitalization Act
AR breaks through $16
German tokenization firm Cashlink receives cryptocurrency custody license