Inferno Drainer Ceases Operations After Massive Crypto Wallet Phishing Campaign

The notorious phishing operation, Inferno Drainer, which functioned under the scam-as-a-service model, officially announced its shutdown in November 2023. Operating from November 2022 to November 2023, Inferno Drainer targeted cryptocurrency wallet providers in a widespread campaign, inflicting substantial financial damage. Victims fell prey to sophisticated phishing websites, connecting their cryptocurrency wallets with the attackers’ infrastructure.

Group-IB uncovered over 16,000 unique domains associated with Inferno Drainer’s phishing operations, impersonating at least 100 individual crypto brands. The malicious scripts within Inferno Drainer spoofed popular Web3 protocols, gaining user consent to authorize transactions. Operating on a scam-as-a-service framework, 20% of stolen assets went to Inferno Drainer’s organizers, with users retaining the remaining 80%. Despite the announced shutdown, Group-IB discovered the user panel for cybercriminals still active as of mid-January 2024. While Inferno Drainer has halted operations, the potential emergence of new drainer malware inspired by its track record remains a concern.

Image by GROUP-IB

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top