crypto drainer

Check Point Discovers Mobile Crypto Drainer App on Google Play Store: $70K Stolen From 10,000 Users

Check Point Research (CPR) has uncovered a new threat: a mobile crypto drainer app found on Google Play. This app, deceptively posing as the legitimate WalletConnect tool, exploited the growing popularity of digital assets and targeted users directly on their mobile devices. Over five months, it achieved more than 10,000 downloads and stole around $70,000 […]

From Ethereum’s Debut to the Future of Web3: The Legacy of WAGMI

Inferno Drainer says it’s shutting down after helping steal $70M in crypto

“We hope you can remember us as the best drainer that has ever existed,” wrote the scam-as-a-service wallet drainer.

Inferno Drainer, one of the most popular crypto wallet-draining kits for hire, says it is shutting down for good after helping phishing scammers steal nearly $70 million worth of crypto this year.

In a Nov. 26 Telegram post, the team behind Inferno Drainer said it was “time for us to move on.” However, it said that the files and infrastructure needed to run the wallet drainer won’t be destroyed but instead will remain active so users can make a “smooth transition” to other services.

“It has been a long ride with all of you and we’d like to thank you from heart [sic]. Unfortunately, nothing lasts forever.”

“A big thank [sic] to everyone who has worked with us,” it added. “We hope you can remember us as the best drainer that has ever existed and that we succeeded in helping you in the quest of making money.”

Inferno Drainer’s final message to its users. Source: Telegram

Inferno Drainer gained prominence early this year and saw increased use after the popular Monkey Drainer tool shut down. Like its peers, Inferno offered its crypto wallet-draining software and took a 20% cut of what users stole.

Since February, Inferno Drainer has stolen nearly $70 million from over 100,000 victims, according to analytics from Web3 anti-scam platform Scam Sniffer. However, the Inferno Drainer team suggested the amount stolen was over $80 million.

The Inferno Drainer team has deleted the affiliate Telegram account “mr_inferno_drainer” used for arranging its service and warned its users not to trust other drainers using its name in the future.

Blockchain security firm CertiK told Cointelegraph that Inferno Drainer was “one of the most damaging phishing kits to the community we’ve seen.”

It added there are still “plenty of providers out there” who are active, including rival Pink Drainer and Angel Drainer, the latter of which released an update on Nov. 25 to help users drain wallets on more blockchains.

Monkey Drainer, another high-profile crypto drainer that stole millions, shut down in March, saying it was “time to move on to something better.”

Ordswap urges users to recover keys after losing control of website

Before it was taken down, Ordswap users said the compromised website directed users to a phishing link.

Ordswap, a marketplace that allows users to inscribe, auction, and trade Bitcoin Ordinals, has devised a method for users to retrieve their private keys as it scrambles to regain control of its website domain.

In an Oct. 10 X (Twitter) post, the Ordswap X account shared an online tool that purports to help users who logged into the site through MetaMask to recover their Ordswap private keys, allowing them to move to other providers.

Hours earlier, on Oct. 9, Ordswap posted a stark warning to users not to connect to its domain as it was not in control of it. It pinned the issue on Netlify — a website development and hosting firm.

On the project’s Discord server, a member of Ordswap’s team and users reported that for a time, the website featured a button prompting users to connect their crypto wallet in an apparent attempt to phish users.

One X user reported the button was a wallet drainer — an increasingly popular tool deployed by crypto scammers. At the time of writing, Ordswap’s website automatically redirected to a competing marketplace, RelayX.

An Ordswap team member on Discord claimed the project had not seen an impact on user private keys or assets due to the breach but added users could be compromised if they interacted with the site.

Ordswap support team member “Bitkorn” claims the project hasn’t seen user assets impacted by the website breach. Source: Discord

In late September, the website for the Ethereum-based automated market maker Balancer was compromised in a seemingly similar attack, with attackers making off with around $240,000 worth of funds.

Balancer later said it believed the exploiters undertook a social engineering attack on its DNS service provider, EuroDNS, which allowed attackers to input a prompt to trick users into approving a malicious contract that drains their wallet.

Notorious Monkey Drainer crypto scammer says they’re ‘shutting down’

The scammer behind the crypto wallet draining kit even recommended an alternative and gave advice to budding cybercriminals.

The cryptocurrency phishing scammer behind some of the most high-profile and high-value Web3 thefts is claiming to have packed up shop and is “moving on to something better.”

The scammer known by the pseudonym Monkey Drainer posted to their Telegram channel on Mar. 1 that they “will be shutting down immediately” and all “files, servers and devices” related to the drainer “will be destroyed immediately” and it “will not return.”

Monkey Drainer’s full message posted to Telegram recommending an alternative service. Source: Telegram

The scammer even gave advice to budding “young cyber criminals” saying they shouldn’t “lose themselves in the pursuit of easy money” and only those “with the highest level of dedication” should operate a “large scale cybercrime” outfit.

Monkey Drainer even recommended a “flawless” alternative service to the one they once offered named “Venom Drainer” and pointed to a Telegram account for the service that was created only a day before Monkey’s announcement.

Blockchain security firm PeckShield tweeted on Mar. 1 that the Monkey Drainer scammer deposited around 200 Ether (ETH) worth $330,000 within the last day into the crypto mixing service Tornado Cash, attempting to obscure their funds. 840 ETH worth $1.4 million was still in their primary wallet.

Blockchain security firm CertiK also shared Monkey’s message in a Mar. 1 tweet, saying the crypto wallet-draining kit they offered is understood to take a 30% “commission” of funds stolen through others' use of the software.

Wallet-draining kits from other providers have copied the model, and CertiK pointed to other vendors already reporting an uptick in requests since Monkey Drainer announced the shutdown.

Monkey Drainer is understood to have operated since late 2022 and is estimated to have stolen up to $13 million worth of cryptocurrencies and nonfungible tokens (NFTs) since that time.

Other copycat phishing scammers and wallet-draining kits have stolen much more. A report from Web3 bug bounty platform Immunefi revealed $3.9 billion worth of crypto was lost to hacks, frauds, scams and rug pulls in 2022.

Possibly one of the most high-profile and high-value thefts by a wallet drainer in recent times was the January attack on Kevin Rose, the co-founder of the Moonbirds NFT collection.

Rose’s wallet was drained after he approved a malicious signature on a phishing website that transferred over $1.1 million worth of his personal NFTs to the attacker.
