$760K Stolen through Inferno Drainer
A single victim lost about 760K a couple of days ago in wstETH, stETH, and pufETH. This appears to be yet another phishing scam where the victim approved a number of malicious signatures
A single victim lost about 760K a couple of days ago in wstETH, stETH, and pufETH. This appears to be yet another phishing scam where the victim approved a number of malicious signatures.
Victim Wallet - 0x5789A38a3FAcfaa86ED950e88D79a9A2F6140052 - 760K VICTIM
Hacker Wallet - 0xA212763d2BdDb0BD704f1df9Ab9F3A6b64ACa633 - 760K Hacker
Drainer Wallet - 0xFC4EAA4ac84D00f1C5854113581F881b42b4A745 - 760K Drainer
Usually I like to spend time tracing the funds but all the stolen funds still appear to be in the Hacker's wallet.
I'm not seeing any outgoing txns to any exchanges or intermediary wallets.
0xA212763d2BdDb0BD704f1df9Ab9F3A6b64ACa633 - 760K Hacker is a wallet created on 4/10/24 with about 850K in it and growing!
0xFC4EAA4ac84D00f1C5854113581F881b42b4A745 - 760K Drainer is connected to a number of different scams/hacks. It was created on 3/19/24 and has about 3.1M in the wallet, and also growing!
I have 0xFC4EAA4ac84D00f1C5854113581F881b42b4A745 labeled as a Drainer wallet as it appears to be taking a fee of 10 - 11 % of the stolen assets.
The wallet address 0xFC4EAA4ac84D00f1C5854113581F881b42b4A745 appears to belong to one of the popular SASS (Scams-as-a-Service) wallet drainers, in this case Inferno Drainer.
Inferno Drainer has been around since Nov 2022 and was built as backend infrastructure to drain victim's cryptocurrency wallets across multiple chains. It quickly become the most popular wallet drainer service in 2023, stealing over 70M+ in crypto.
Typically, 20% of the stolen funds goes to the Inferno Drainer organizers while 80% goes to the Customer (the phishing scammer).
Inferno Drainer claims to of shutdown back in Nov 2023 but it appears the code was just updated and a new iteration was launched. Additionally, I noticed the drainer wallet took about 10% of the stolen assets instead of 20%. Maybe this is Inferno Drainer Lite?
For example, 0xFC4EAA4ac84D00f1C5854113581F881b42b4A745 is directly connected with the malicious Smart Contract of 0x0000db5c8B030ae20308ac975898E09741e70000, which has been identified as Inferno Drainer.
All of these transactions are done anonymously and these drainer services operate like businesses. To this day we don't know the operator or operators behind Inferno Drainer. We do know that this scam-as-a-service appears to be profitable for all parties involved, except the victim.
According to some researchers, Inferno Drainer has now stolen funds well over 100M+ across 16,000+ retail victims.
