Investor Loses $6.9 Million in Inferno Drainer Phishing Scam
A cryptocurrency investor recently lost millions to a sophisticated phishing scam. Scam Sniffer, a Web3 anti-scam firm, reported that the investor was tricked into signing a malicious Permit phishing signature.
This authorization led to the theft of 1,807 Ether.fi-Liquid1 tokens, valued at $6.9 million. Moreover, blockchain investigator ZachXBT noted that the same investor fell victim to a phishing attack last year, losing $638,000.
Pink and Inferno Drainer Linked to Attack
The scam involved using a permit function, allowing an off-chain authorization signature to execute transactions on another address’s behalf. This method enabled the transfer of tokens without on-chain transactions, facilitating the theft.
The theft involved two wallets, 0xE56978, from the scammer and 0xFC4EA, belonging to a drainer. Notably, the stolen funds remain within these addresses.
Meanwhile, MistTrack, a crypto tracking and compliance platform built by SlowMist, found connections to the Pink and Inferno Drainers, notorious draining-as-a-service (DAAS) providers in the theft. The drainers offer scammers tools for phishing exploits, such as fake social media accounts and websites, in exchange for a cut of the stolen funds. BeInCrypto reported that these services were used to steal $295 million from 324,000 victims in 2023.
“Another huge amount of phishing, nearly 7 million USD of ETH pledged assets… from the old phishing gang Inferno Drainer. The reason is that the relevant permit offline authorization signature was phished away. Are there still many people who haven’t heard of the phishing tricks or rumors of ‘1click f#ck?’ I hope the victims can come forward to tell their own stories, especially what wallets they used,” Yu Xian, founder of SlowMist, commented.
Analysis Showing Pink and Inferno Drainer Link to The Attack. Source: MistTrack
Last week, Pink Drainer announced its retirement after amassing $85 million in stolen assets. Around the same period, Inferno Drainer resumed operations after a brief hiatus, citing increased demand and competitors’ exit.
This incident further shows that phishing attacks remain a prevalent method for stealing digital assets. Scammers often use fake accounts on social media platforms to impersonate legitimate projects. These accounts may display fake verification marks and post deceptive comments to lure users to malicious websites that drain their assets.