The year 2023 saw the rise of a notorious crypto drainer that impersonated over 100 cryptocurrency brands across a whopping 16,000 phishing domains. This sophisticated scam operation, known as Inferno Drainer, deceived more than 137,000 victims and siphoned off nearly $88 million, as reported by Group-IB.
The scam-as-a-service model employed by Inferno Drainer involved affiliates luring unsuspecting victims to phishing sites that mimicked popular crypto brands and Web3 protocols such as Seaport, WalletConnect, and Coinbase. These protocols are essential for enabling transactions and interactions within the Web3 ecosystem. By spoofing these protocols and using social engineering tactics, the fraudsters tricked users into authorizing fraudulent transactions under the guise of claiming prizes or rewards.
Inferno Drainer spoofed all three to carry out its malicious activities: Seaport, a marketplace for NFT trading; WalletConnect, a protocol for connecting self-custody crypto wallets to DApps; and Coinbase, a well-known crypto exchange. The scammers targeted users by promising free tokens, rewards for minting NFTs, or compensation for fake disruptions experienced by the spoofed companies.
Operating primarily as a service for cybercriminals, Inferno Drainer allocated 20% of the stolen funds to developers and the remaining 80% to affiliates who drove traffic to the phishing sites. Affiliates were provided with tools such as a user panel, Telegram channel, and phishing websites/software to manage their campaigns. The malware deployed on these phishing sites was then promoted through social media platforms like X (formerly Twitter) and Discord.
Once a victim’s crypto wallet was compromised, the drainer selectively targeted the most valuable assets for transfer, disregarding amounts below $100. Group-IB emphasized the importance of vigilance in light of these evolving threats and encouraged victims to report such incidents to law enforcement agencies to combat future attacks.
As the crypto landscape continues to evolve, staying informed and cautious is essential to safeguarding against sophisticated scams like Inferno Drainer. By remaining vigilant and reporting suspicious activities, individuals can contribute to the collective effort to combat cybercrime in the crypto space.