6 months ago
25 ARTICLE AD
An Inferno Drainer address is related to the hack, but it isn't likely that this scheme is still active.
Brazilian crypto influencer Augusto Backes got over $211,000 drained from his wallet on Mar. 3, after clicking on a malicious link sent from a phishing email, according to a video from his channel.
Backes stated that the email address was supposedly related to an airdrop conducted by Ethereum’s layer-2 blockchain Blast. Although he receives phishing scams in his email box daily, the Brazilian crypto influencer highlighted that he was planning a script for a video and got sidetracked.
“In the middle of this anxiety, I received an email. Two months ago, I subscribed my wallet to Blast’s airdrop, and I had to prove the NFT quantity to be selected for this airdrop”, Backes says in the video. “The email seemed to be sent from Blast, and as a matter of fact, this is a well-crafted scam, with the scammer imitating the website. I clicked the ‘Claim your tokens’ button once, signed the transaction on my MetaMask, and the contract swallowed everything.”
Tokens drained by the scammer. Image: DeBankJoe Green, Head of the Quick Response Team at blockchain security firm CertiK, pointed out that malicious addresses linked to the Inferno Drainer scam were involved in this incident. However, this scheme was closed in November 2023, and a personality associated with it moved onto the Angel Drainer team.
“So whilst malicious addresses linked to Inferno were involved in this incident it is unlikely to be an Inferno Drainer,” Green explains. “The scammers’ wallet is 0x3CF955Bf92DD56CFE51cf7024EA1F2be49CEBC2F while the fee address is 0xf672775e124E66f8cC3FB584ed739120d32bBaad. The transactions were initiated by 0x0000db5c8B030ae20308ac975898E09741e70000 which has been associated with the Inferno Drainer in the past.”
As a warning for Web3 users, Green says that users must check the sender’s email address. “In the example below, the email came from [email protected], which is not an official Blast email. This will instantly indicate to the user that this is likely to be a phishing scam.”
CertiK’s example of a malicious sender address. Image: CertiKMoreover, users should always double-check that the URL they’re clicking on is official before connecting their wallet and signing transactions, Green concludes.
The information on or accessed through this website is obtained from independent sources we believe to be accurate and reliable, but Decentral Media, Inc. makes no representation or warranty as to the timeliness, completeness, or accuracy of any information on or accessed through this website. Decentral Media, Inc. is not an investment advisor. We do not give personalized investment advice or other financial advice. The information on this website is subject to change without notice. Some or all of the information on this website may become outdated, or it may be or become incomplete or inaccurate. We may, but are not obligated to, update any outdated, incomplete, or inaccurate information.
You should never make an investment decision on an ICO, IEO, or other investment based on the information on this website, and you should never interpret or otherwise rely on any of the information on this website as investment advice. We strongly recommend that you consult a licensed investment advisor or other qualified financial professional if you are seeking investment advice on an ICO, IEO, or other investment. We do not accept compensation in any form for analyzing or reporting on any ICO, IEO, cryptocurrency, currency, tokenized sales, securities, or commodities.
