A new scam dubbed the “Inferno Drainer,” has successfully siphoned off approximately $6 million from unsuspecting cryptocurrency users.
Scam Sniffer, a reputable company that monitors web-based fraudulent activities, uncovered this alarming trend, shedding light on the evolving landscape of scams targeting the crypto community.
Details Of The Scam
The Inferno Drainer offers fraudsters readily available code that enables them to steal cryptocurrencies, in exchange for a significant share, typically around 20%, of the ill-gotten gains.
Scammers, targeting unsuspecting crypto holders, employ this scam-as-a-service model, resulting in substantial losses for victims who fall prey to their deceptive tactics.
1/ Inferno Drainer, a scam vendor specializing in multi-chain scams, has stolen $5.9 million in assets from nearly 4,888 victims through over 689 phishing websites targeting popular projects.https://t.co/OEjdzHm2Ls
— Scam Sniffer (@realScamSniffer) May 19, 2023
The discovery of the Inferno Drainer scam came to light when a security enthusiast known as 0xSaiyanGod, stumbled upon a booster for the service while perusing the Scam Sniffer Telegram channel. After reporting the con artist to the channel, 0xSaiyanGod’s actions triggered a swift response from the security agency, initiating an investigation into the matter.
Scam Sniffer’s investigation revealed a snapshot that captured a drain transaction exploiting a vulnerability called “Permit2,” which led to the loss of $103,000.
The Permit2 exploit leverages a streamlined version of the token approval procedure, allowing scammers to capitalize on unsuspecting victims. The snapshot provided critical evidence, including the transaction hash, which enabled the team to track down the address associated with the exploiter.
Further analysis by Scam Sniffer revealed that the identified address was linked to an alarming number of phishing websites, totaling over 689 since March 27, 2023.
These fraudulent websites targeted victims across multiple networks, including Ethereum, Arbitrum, Polygon, and BNB Chain, resulting in $5.9 million in stolen funds.
To substantiate their findings and provide transparency, Scam Sniffer created a dedicated dashboard on Dune analytics, showcasing the evidence and the process undertaken to reach these conclusions.
Scams In Crypto
Inferno Drainer didn’t stop providing scamming services; it even offered to construct custom phishing sites for clients in exchange for a 30 percent share of the profits.
However, this offer was selectively limited to “good customers” or those perceived to have significant potential for generating substantial revenues.
The rise of scams disguised as services has become a growing concern within the cryptocurrency ecosystem.
Last year, the “Monkey Drainer” phishing scam drained at least $1 million worth of ETH from users before it closed in March 2023.
In 2021, the United States Federal Trade Commission (FTC) received over 7,000 reports of cryptocurrency scams, with losses totaling over $80 million.
In response, the agency has offered tips, including not clicking on unsolicited emails and even setting up a help page on their website and that of the Cybersecurity and Infrastructure Security Agency (CISA).