According to a report by Scam Sniffer, the Inferno Drainer phishing service has created at least 689 fake websites since March 27, 2023, and stolen more than $5.9 million worth of cryptocurrencies from 4,888 victims. Researchers first noticed the service due to an advertisement on Telegram, which featured a screenshot of $103,000 stolen from victims. The majority of phishing sites appeared online after May 14, 2023, and mimic the websites of 229 popular brands.
Inferno Drainer is advertised as a multi-chain scam, offering Aave theft, MetaMask exploits, and more. The authors of the toolkit provide their clients with a customizable administration panel and even offer a trial version. Clients pay the authors of Inferno Drainer around 20-30% of their “revenue”.
The experts concluded that the service has been active since February 2023, and since mid-April 2023 it has noticeably increased the scale of its operations. Most of the assets ($4.3M) have been stolen from Mainnet, $790,000 from Arbitrum, $410,000 from Polygon and $390,000 from BNB. One of the biggest casualties identified by analysts lost $400,000 in assets.
Scam Sniffer reports that the attackers are distributing the funds received from the attacks among five cryptocurrency addresses, which currently hold between 250 and 400 ETH.
