A cryptocurrency phishing and scam service called “Inferno Drainer” allegedly stole over $5.9 million worth of crypto from 4,888 victims.
According to a report by Web3 anti-scam company “Scam Sniffer”, the phishing service has created at least 689 fake websites since March 27, 2023.
Most phishing sites went live after May 14, 2023, with analysts reporting a spike in site-building activity around that time.
Malicious websites created with Inferno Drainer target 229 popular brands, including Pepe, Bob, MetaMask, OpenSea, Collab.Land, LayerZero and others.
Scam Sniffer discovered the service after observing an Inferno Drainer member promoting the service on Telegram by posting a screenshot of a $103,000 theft demonstrating its capabilities.
“By querying the hash of the transaction hidden in the screenshot, we found this transaction in ScamSniffer’s database and associated it with some known malicious addresses in our malicious addresses database”, explains Scam Sniffer.
Inferno Drainer advertises multi-chain fraud, Aave token and Art Blocks draining, MetaMask token approval exploits, and more.
The authors of the “drainer” toolkit provide a modern admin panel with customization options and even offer a trial for interested buyers.
Operators pay Inferno Drainer 20% of their revenue, while the cut can be up to 30% for services that include building phishing sites.
However, due to high demand, the service will only offer phishing sites to “good customers” or customers who have proven potential to generate a lot of money.
Scam Sniffer investigated the operation of Inferno Drainer and found that the service has been active since February 2023 and has increased its operational volume from mid-April 2023.
Most of the assets ($4.3 million) were stolen from mainnet, $790,000 was taken from Arbitrum, $410,000 from Polygon, and $390,000 from BNB, for a total of $5.9 million.
One of the biggest victims identified by analysts lost $400,000 in assets. The victim contacted the attackers and offered them 50% of the amount in return for not taking legal action against them, but the attackers ignored these messages.
Scam Sniffer says the threat actors distribute the funds they collect through attack fees across five cryptocurrency addresses, which currently hold between 250 and 400 ETH.
Cryptocurrency holders should exercise due diligence in all transactions, treat incoming messages with skepticism, verify the identity of the sender, use multi-factor authentication to protect their accounts, and keep their software up to date.
Ideally, don’t disclose any personal information online and use “cold” hardware wallets to store most of your digital assets.