Singapore's Group-IB highlights the lingering threat of Inferno Drainer in crypto through users of the ‘scam-as-a-service’ dashboard.
Singaporean cybersecurity company Group-IB published a report today detailing how the ‘scam-as-a-service’ known as Inferno Drainer used 16,000 domains for phishing purposes and stole $80 million from crypto users since late March 2023.
Titled ‘Burnout: Inferno Drainer’s multimillion-dollar scam scheme detailed’, the study points out that Inferno Drainer’s threat still looms over the crypto market despite its shutdown in November 2023.
The first records of Inferno Drainer activity date back to November 2022. In just a year, it became one of the most proficient drainers in crypto. A ‘drainer’ is a service focused on stealing crypto using different means to trick victims, and Inferno specialized in phishing.
Inferno Drainer was shut down in November 2023 after its developers announced they were closing the operation. However, the threat persists as past users of this malware have potentially moved on to other schemes. In other words, there is still a risk that Inferno Drainer has not been fully eradicated, according to Group-IB’s analysts.
The report also highlights that the 16,000 unique domains used were part of an extensive phishing operation that mimicked more than 100 crypto brands.
Description of Inferno Drainer scheme. Image: Group-IB
Cybercriminals lured potential victims to phishing sites, expertly impersonating popular crypto brands and Web3 protocols like Seaport, WalletConnect, and Coinbase. These sites initiated fraudulent transactions by deceiving users into linking their accounts for supposed financial rewards.
Moreover, cybercriminals offered various lures such as exclusive airdrops and compensation for company disruptions, convincing users to connect their wallets to the attacker’s infrastructure.
The report also emphasizes the technical sophistication behind the Inferno Drainer operation. The criminals behind the scheme offered services for creating and hosting websites that appeared as official crypto projects, spreading through social media platforms like X (formerly Twitter) and Discord, and receiving a part of the scam’s profit as payment.
Group-IB’s analysts warn that as the crypto ecosystem continues to evolve, so do the methods of cybercriminals. Although most of Inferno Drainer’s operations may have ceased, the threat of similar malware looms large, prompting a need for increased vigilance and improved security measures in the digital asset space.