Crypto Whale Loses $32M to Inferno Drainer Scam

As an analyst with years of experience in the crypto space, I can’t help but feel a sense of dismay when reading about yet another massive crypto heist. The story of CZSamSun losing over $32 million to Inferno Drainer is a stark reminder of the ever-evolving threat landscape in the world of digital assets.


As per the report by ScamSniffer on their platform X, it is said that a significant crypto investor (often referred to as a ‘crypto whale’) apparently lost over $32 million worth of tokens due to a supposedly malicious transaction linked with Inferno Drainer, according to the accusations.

12,083 spWETH tokens were siphoned out of a large user’s wallet on the decentralized finance platform Spark, which equated to approximately $32.4 million in value at that moment.

Inferno Drainer: The $215M Crypto Scam That’s Back and Bigger

According to blockchain intelligence provider Arkham, this malicious transaction was connected to Inferno Drainer, an illegal service that offers scams as a product.

Operating as a service for scams, Inferno Drainer deliberately deceives users by establishing fake replicas of well-known DeFi platforms. Unsuspecting victims are tricked into handing over control of their digital wallets to these con artists. Yet, it’s important to remember that such criminal activities have a limited lifespan. For instance, the masterminds behind Pink Drainer, a part of a broader phishing-as-a-service network including platforms akin to Inferno Drainer, declared the cessation of their operations this May following the theft of approximately $75 million in cryptocurrency from nearly 20,000 victims.

Based on data from the Dune Analytics dashboard provided by ScamSniffer, it’s been estimated that the Inferno Drainer scam has successfully stolen approximately $215 million from over 200,000 unsuspecting individuals.

The individuals behind the Inferno Drainer fraud scheme are said to pocket 20% of the stolen cryptocurrency tokens. This service was temporarily halted by its creators in November 2023, but reappeared in May, promising enhanced services with “new personnel, new operational methods, improved support, and additional features.” Now, this fraud-as-a-service platform claims compatibility with 28 different blockchains and numerous DeFi applications.

Whale CZSamSun Loses Fortune to Phishing Scam

Despite the identity of the person who suffered a $32 million loss remaining uncertain, the incident has been linked by blockchain investigator ZachXBT to a large investor known as CZSamSun, distinct from Sam Czsun, a researcher at venture capital firm Paradigm. Notably, Paradigm is recognized for combating cybercriminals. In April of this year, the head of security at Paradigm, who is also a white hat hacker, revealed SEAL-ISAC. This innovative platform aims to facilitate the sharing of critical cybersecurity information.

The digital wallet linked to CZSamSun additionally contained a message, transmitted via blockchain technology, indicating that 20% of the reimbursement sum would be directed to the person returning the coins, from the wallet of the victim. However, no reply has been received yet from Inferno Drainer.

Analytics platform LookOnChain also issued a warning against X:

To prevent falling victim to fraudulent activities like phishing, refrain from clicking on unfamiliar links and signing documents that aren’t recognized. It’s always a good idea to verify your signature before you affix it.

As cryptocurrency use becomes more widespread, it’s crucial to stay vigilant and practice caution when dealing with your digital assets due to the growing complexity of phishing attempts in the crypto world.

How to Protect Yourself from Phishing Attacks

To prevent harmful attacks like phishing, it’s advisable to initially set up anti-phishing software and reliable antivirus programs. These tools can identify and stop such threats. For instance, in a complex con job not long ago, one Genesis creditor fell victim to a theft orchestrated by three key individuals: Greavys (also known as Malone Iam), Wiz (also known as Veer Chetal), and Box (also known as Jeandiel Serrano).

Keeping your devices and their software up-to-date, particularly crucial applications like email, phones, and web browsers, is a wise investment considering their increasing importance in handling numerous essential tasks.

As a diligent researcher, I prioritize my online safety by equipping my browser with anti-phishing extensions and pop-up blockers. These tools serve as an extra layer of protection, safeguarding me from potential threats while surfing the web. It’s essential to remain vigilant, even when dealing with seemingly legitimate emails. I always verify URLs and sender addresses before clicking on links to ensure their authenticity and prevent any unwanted intrusions.

For example, Inferno Drainer employed malicious scripts with spoofs of popular Web3 protocols and fooled owners into connecting their wallets and authorizing transactions that appeared to them for collecting an airdrop. The scammers also advertised their services via a Telegram channel called Inferno Multichain Drainer.

It’s wise to steer clear of downloading files from unrecognized websites as they could potentially introduce harmful software into your system. Always be cautious about suspicious activities on social media platforms, such as phishing attempts, and scrutinize online ads to ensure that the sources are reliable.

In the end, make sure to use two-factor authentication whenever it’s offered as it provides an extra shield against unwanted account access.

Read More

2024-09-28 21:52