In the evolving crypto landscape, a new menace called phishing scams has emerged, leaving individuals and businesses vulnerable to massive financial losses and privacy breaches. In this article, we shall assess one scam-as-service vendor known as Inferno Drainer, which has stolen more than $70 million worth of crypto and NFTs since the start of this year.

Data compiled by Dune Analytics, an on-chain data aggregator, indicates that Inferno Drainer has successfully disappeared millions of dollars worth of crypto and NFTs since its inception earlier this year. From January to November, Infernal Drainers has stolen $71,559,637 worth of crypto from 104,518 victims.

What or Who Is Inferno Drainer?

Inferno Drainer is a scam vendor specializing in multi-chain scams, which came into the limelight earlier this year. The Inferno Drainer phishing scam is aptly renowned for its ability to drain victims’ resources and has recently come to the forefront of crypto evolution.

The web3 scam detection firm, Scam Sniffer, unmasked the sophisticated’ scam-as-a-service’ platform in May. At the time, the scam vendor Inferno Drainer was allegedly linked to stealing more than $6 million in just less than three months.

1/ Inferno Drainer, a scam vendor specializing in multi-chain scams, has stolen $5.9 million in assets from nearly 4,888 victims through over 689 phishing websites targeting popular projects.https://t.co/OEjdzHm2Ls

— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) May 19, 2023

Scam Sniffer revealed that the platform used the Permit2 exploit to drain crypto users. By light description, Permit2 exploits are phishing scams that use a streamlined variation of the crypto token approval process. Inferno Drainer was linked to over 689 phishing websites that stole $5.9 million from victims on various networks, including Ethereum, Arbitrum, Polygon, and BNB Chain.

How Does Inferno Drainer Operate?

Inferno Drainer mainly operates within the dark web. In that context, the group behind the scam-as-a-service operation remains shrouded in mystery, employing more advanced techniques to evade detection by law enforcement agencies and cyber security experts.

Based on information previously shared by Scam Sniffer, Inferno Drainer provides scammers with ready-to-use code that enables them to steal crypto in exchange for a 20% share of the scammers’ crypto loot. In some cases, the platform even offered to create phishing sites for customers in exchange for a 30% commission, but only for “good customers or people with big potential.”

Inferno Drainer operates on sophisticated phishing tactics, including creating convincing replicas of well-known websites, such as banking portals and crypto exchanges. The scam vendor lures unsuspecting victims into divulging their sensitive login credentials and personal information before using them to drain their crypto wallets.

Inferno Drainer is the first scam-as-a-service platform to terrorize crypto traders. Last year, ZachXBT, an on-chain sleuth, discovered a comparable service named “Monkey Drainer”. Before shutting down its doors in March 2023, the scam vendor had stolen at least $1 million in ETH from crypto traders.

Moreover, Scam Sniffer uncovered a similar “scam as a service” known as Venom Drainer. It took $27 million from 15 thousand people, with the top five victims losing $14 million. Over 530 phishing sites targeting over 170 brands were built during that heist.

Top Crypto And NFT Scams In 2023

Earlier this year, Kevin Rose, the co-founder of the non-fungible token collection Moonbirds, fell victim to a phishing scam that led to more than $1.1 million worth of his personal NFTs stolen. At the time, Kevin Rose approved an OpenSea NFT marketplace contract to move all his NFTs whenever he signed transactions.

I was just hacked, stay tuned for details – please avoid buying any squiggles until we get them flagged (just lost 25) + a few other NFTs (an autoglyph) …

— Kevin Rose (@kevinrose) January 25, 2023

In September, Dallas Mavericks owner and billionaire technology investor Mark Cuban lost some $870,000 worth of crypto tokens after likely accidentally clicking on a phishing link. Cuban’s wallet was drained of U.S.-pegged stablecoins, staked ETH (stETH), SuperRare (RARE) tokens, and some Ethereum Name Service domains after downloading a Metamask crypto wallet along with some fraudulent phishing links.

Lmao, did Mark Cuban’s wallet just get drained?

Wallet inactive for 160 days and all assets just moved pic.twitter.com/vWnMZFyHB5

— Wazz (@WazzCrypto) September 15, 2023

Earlier the same month, Ethereum co-founder Vitalik Buterin’s X account ‘formerly Twitter’ was compromised in a sim swap attack. Even though the Ethereum founder Vitalik Buterin did not lose his funds, his followers lost a cumulative $700,000 by sending crypto tokens to an illicit link he seemingly endorsed.

Please do *NOT* click the phishing link pic.twitter.com/sPK7cTAwVw

— PeckShield Inc. (@peckshield) September 9, 2023

How To Protect Yourself From Phishing Attacks

If you’re a crypto or a non-fungible token trader, you can protect yourself from any phishing attacks by knowing how to recognize them and implementing some of the security safety tips. To start with, you need to know what phishing attacks are.

By description, a phishing attack is a sophisticated social engineering attack aimed to persuade the victim into disclosing sensitive information such as credit cards or social security numbers. Most phishing attacks take the form of emails or links disguised to look like they come from trusted sources. Below, we have listed five tips that will help you safeguard your crypto and NFTs:

1. A Secure Platform

Despite numerous campaigns and awareness about crypto scams, traders have found themselves in the wrong hands of scammers and hackers. Using a secure and reputable platform is one of the most effective ways to hedge against phishing attacks. In that case, traders are advised to do thorough research to ensure that the platform they join has a good reputation and firm security measures to protect users’ private keys.

2. A Strong Password

Under normal circumstances, it is inevitable that someone else may end up handling your phone and your crypto wallets in it. In that context, creating a strong password is recommended. During the creation of a password, crypto traders are advised to use a combination of letters, numbers, and special characters. Other techniques include fingerprint, facial recognition and PIN screen locks.

3. A Hardware Wallet

One of the most secure ways to store your private keys for your crypto wallet is on a hardware wallet. Hardware wallets are physical devices that allow you to store your private keys offline. This means that your private keys will be safe even if your computer is hacked. Some reputable hardware wallets include the Ledger Nano S and the Trezor.

4. Two-Factor Authentication ‘2FA’

Two-factor authentication is another proven security measure for protecting your crypto wallet from potential phishing threats. The authentication adds an extra layer of security to your account by requiring you to enter a code from your phone or computer device in addition to your strong password.

5. Create A Multisig Crypto Wallet

Lastly, make use of a multisig crypto wallet. Multisig wallets, also known as shared wallets, are a type of crypto wallet that requires two or more signatures to confirm and send a transaction. These signatures can be made by multiple parties ‘similar to a joint account’ or the same party signing from multiple devices.

Related NFT News:

• SEO Powered Content & PR Distribution. Get Amplified Today.
• PlatoData.Network Vertical Generative Ai. Empower Yourself. Access Here.
• PlatoAiStream. Web3 Intelligence. Knowledge Amplified. Access Here.
• PlatoESG. Carbon, CleanTech, Energy, Environment, Solar, Waste Management. Access Here.
• PlatoHealth. Biotech and Clinical Trials Intelligence. Access Here.
• Source: https://insidebitcoins.com/news/inferno-drainer-has-stolen-over-70m-worth-of-crypto-nfts-in-2023-analysis