The recent announcement that the notorious wallet-draining kit Inferno Drainer is ending its operation came as a surprise to many in the Web3 community. From the first reports of the damage caused by this scam vendor in May until its end, Inferno Drainer helped its users steal more than $80 million, and now its team has decided to shut it down.
"After draining over 80 million dollars, we decided to shut down; it is time for us to move on," the team behind the money-draining kit wrote on its Telegram account yesterday. Inferno Drainer promised its users not to destroy its servers and devices to allow for "a smooth transition to the new service" the malicious actors relying on the Inferno scam vendor are going to choose. However, the team stated that it was going to delete its Telegram account instantly.
"All other people that are going to claim that are us, is only more effort to scam you. Do not trust anyone. Inferno is closed for good and will not return," the team added.
Before this announcement, Loch, the Web3 project offering personalized crypto portfolio management, shared with the X community its opinion about current rumors connecting the new Ethereum L2 protocol Blast with the scam vendor.
According to Loch, there is indeed a link between one of the BLAST founders and a Binance Deposit address associated with the Inferno Drainer. However, Loch emphasizes that the Binance Deposit address in question resembles one used by HoudiniSwap, and multiple addresses have interacted with it.
Loch claims that, given the widespread usage of the Binance Deposit address by various entities, it may be safe to assume there was no actual connection between Blast and Inferno Drainer.
"BLAST is backed by Paradigm, the biggest guys in the industry, the Blur team is behind the BLAST too. It is safe in our opinion," Loch concludes.
Meanwhile, DeFi researcher with the X nickname "KR" stressed that the entity behind the four Blast multisig signers (0x5b9, 0xb7c, 0x46e, and 0x6a35), funded by the same wallet (0x62ab), is venture capital firm Amber Group, which, according to KR, "implicitly owned BLUR token."
While the team behind Inferno Drainer admitted to assisting in the theft of over $80 million in total, some blockchain analytics teams, including ScamSniffer, estimate losses at less than $70 million, which is still a significant figure. ScamSniffer also reports that malicious actors relying on this tool compromised the wallets of over 103,000 victims, with the drainer’s team generating at least $20 million in profit from fees.
Although Inferno Drainer has ceased operation, other scam vendors, including Angel Drainer, MS Drainer, and Pink Drainer, remain active. Recently, users have reported an increased number of advertisements on X promoting scams, particularly those utilizing wallet-draining kits.
Threat intelligence analyst Gi7w0rm claimed that, on November 22, after a brief 5-minute scroll on the social network, they encountered three distinct crypto scams — specifically, two instances using Angel Drainer and one instance of MS Drainer.
According to Gi7w0rm, the current X ad policy has led to a situation in which, on average, seven out of fifteen promotional posts are linked to crypto scams.
Wallet-draining scams stealthily target cryptocurrency and NFTs, exploiting users who unknowingly authorize transactions or engage with phishing sites. Employing sophisticated tactics, the drainer emulates a genuine wallet by generating HD keys and multiple addresses linked to a master private key. It quickly scans blockchain explorers, relocating assets through executed transactions. Adding to the threat, scammers ensnare wallets in malicious smart contracts to pilfer valuable assets.
To safeguard your crypto wallet from these schemes, aside from avoiding suspicious links and refraining from sharing private keys or recovery phrases, regularly review and revoke permissions granted to dApps after transactions. Using cold wallets is an additional measure to mitigate the risk of fund loss.
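As an added illustration of the permission review described above (this example is not part of the original article), the following sketch replays ERC-20 `Approval` event logs for one wallet and lists the token approvals that are still open. It assumes logs in the shape returned by the `eth_getLogs` JSON-RPC call; all addresses and log entries are constructed placeholders.

```python
# keccak256("Approval(address,address,uint256)"), the standard ERC-20 event topic
APPROVAL_TOPIC = "0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925"
UNLIMITED = 2**256 - 1  # the "infinite approval" value many dApps request

def topic_to_address(topic):
    """Indexed address topics are 32 bytes, left-padded; keep the last 20 bytes."""
    return "0x" + topic[-40:].lower()

def open_approvals(logs, owner):
    """Return {(token, spender): last_approved_value} for owner's non-zero approvals."""
    state = {}
    order = lambda l: (int(l["blockNumber"], 16), int(l["logIndex"], 16))
    for log in sorted(logs, key=order):  # replay in chain order
        topics = log["topics"]
        # ERC-20 Approval has 3 topics; ERC-721 reuses the signature with 4 (skipped here).
        if len(topics) != 3 or topics[0].lower() != APPROVAL_TOPIC:
            continue
        if topic_to_address(topics[1]) != owner.lower():
            continue
        key = (log["address"].lower(), topic_to_address(topics[2]))
        value = int(log["data"], 16)
        if value == 0:
            state.pop(key, None)  # approve(spender, 0) revokes the permission
        else:
            state[key] = value
    return state

# --- Constructed sample data: placeholder addresses, not real wallets or contracts ---
OWNER, OTHER = "0x" + "11" * 20, "0x" + "22" * 20
TOKEN_A, TOKEN_B = "0x" + "aa" * 20, "0x" + "bb" * 20
SPENDER_X, SPENDER_Y = "0x" + "c1" * 20, "0x" + "d2" * 20

def make_log(token, owner, spender, value, block, index):
    pad = lambda addr: "0x" + addr[2:].rjust(64, "0")
    return {"address": token, "topics": [APPROVAL_TOPIC, pad(owner), pad(spender)],
            "data": "0x" + format(value, "064x"),
            "blockNumber": hex(block), "logIndex": hex(index)}

SAMPLE_LOGS = [
    make_log(TOKEN_A, OWNER, SPENDER_X, 0, 12, 0),          # later revocation of X
    make_log(TOKEN_A, OWNER, SPENDER_X, 500, 10, 3),        # limited approval to X
    make_log(TOKEN_B, OWNER, SPENDER_Y, UNLIMITED, 11, 1),  # still-open unlimited approval
    make_log(TOKEN_A, OTHER, SPENDER_Y, 5, 13, 0),          # different owner, ignored
]

if __name__ == "__main__":
    for (token, spender), value in open_approvals(SAMPLE_LOGS, OWNER).items():
        print(f"token {token} -> spender {spender}:", "UNLIMITED" if value == UNLIMITED else value)
```

The value recovered from events is the last amount approved, not the amount remaining after any spending, so confirm each entry against the token's `allowance()` before deciding what to revoke.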