Inferno Drainer says it’s shutting down after helping steal $70M in crypto

November 27, 2023 Coin Telegraph

Inferno Drainer says it’s shutting down after helping steal M in crypto

“We hope you can remember us as the best drainer that has ever existed,” wrote the scam-as-a-service wallet drainer.

Inferno Drainer, one of the most popular crypto wallet-draining kits for hire says it is shutting down for good after helping phishing scammers steal nearly $70 million worth of crypto this year.

In a Nov. 26 Telegram post, the team behind Inferno Drainer said it was “time for us to move on.” However, it said that the files and infrastructure needed to run the wallet drainer won’t be destroyed but instead will remain active so users can make a “smooth transition” to other services.

“It has been a long ride with all of you and we’d like to thank you from heart [sic]. Unfortunately, nothing lasts forever.”

“A big thank [sic] to everyone who has worked with us,” it added. “We hope you can remember us as the best drainer that has ever existed and that we succeeded in helping you in the quest of making money.”

*Inferno Drainer’s final message to its users. Source: Telegram*

Inferno Drainer gained prominence early this year and saw increased use after the popular Monkey Drainer tool shut down. Like its peers, Inferno offered its crypto wallet-draining software and took a 20% cut of what users stole.

Since February, Inferno Drainer has stolen nearly $70 million from over 100,000 victims, according to analytics from Web3 anti-scam platform Scam Sniffer. However, the Inferno Drainer team suggested the amount stolen was over $80 million.

The Inferno Drainer team has deleted the affiliate Telegram account “mr_inferno_drainer” used for arranging its service and warned its users not to trust other drainers using its name in the future.

Blockchain security firm CertiK told Cointelegraph that Inferno Drainer was “one of the most damaging phishing kits to the community we’ve seen.”

It added there are still “plenty of providers out there” who are active, including rival Pink Drainer and Angel Drainer, the latter of which released an update on Nov. 25 to help users drain wallets on more blockchains.

Monkey Drainer, another high-profile crypto drainer that stole millions, shut down in March, saying it was “time to move on to something better.”

Magazine: Tornado Cash 2.0 — The race to build safe and legal coin mixers

Ordswap urges users to recover keys after losing control of website

October 10, 2023 Coin Telegraph

bitcoin ordinals

Before it was taken down, Ordswap users said the compromised website directed users to a phishing link.

Ordswap, a marketplace that allows users to inscribe, auction, and trade Bitcoin Ordinals, has devised a method for users to retrieve their private keys as it scrambles to regain control of its website domain.

In an Oct. 10 X (Twitter) post, the Ordswap X account shared an online tool that purports to help users who logged into the site through MetaMask to recover their Ordswap private keys, allowing them to move to other providers.

Source for metamask users to obtain key is now available below. You are able to import(hex) to Unisat. https://t.co/oETb7h7sA0 https://t.co/NGaaLiNNwW
— Ordswap (@ordswap) October 10, 2023

Hours earlier, on Oct. 9, Ordswap posted a stark warning to users not to connect to its domain as it was not in control of it. It pinned the issue on Netlify — a website development and hosting firm.

We are working on publishing source for metamask users to obtain their key if they have not already. The issue appears to be with Netlify, but we are still working through it. https://t.co/uYGxJkzGfj
— Ordswap (@ordswap) October 9, 2023

On the project’s Discord server, a member of Ordswap’s team and users reported that for a time, the website featured a button prompting users to connect their crypto wallet in an apparent attempt to phish users.

One X user reported the button was a wallet drainer — an increasingly popular tool deployed by crypto scammers. At the time of writing, Ordswap’s website automatically redirected to a competing marketplace RelayX.

An Ordswap team member on Discord claimed the project had not seen an impact on user private keys or assets due to the breach but added users could be compromised if they interacted with the site.

*Ordswap support team member “Bitkorn” claims the project hasn’t seen user assets impacted by the wesbite breach. Source: Discord*

In late September, the website for the Ethereum-based automated market maker Balancer was compromised in a seemingly similar attack, with attackers making off with around $240,000 worth of funds.

Balancer later said it believed the exploiters undertook a social engineering attack on its DNS service provider EuroDNS which allowed attackers to input a prompt to trick users into approving a malicious contract that drains their wallet.

Magazine: NFT Collector: Giant Swan’s gothic VR dreamscapes… royalty nightmare on OpenSea

Notorious Monkey Drainer crypto scammer says they’re ‘shutting down’

March 2, 2023 Coin Telegraph

certik

The scammer behind the crypto wallet draining kit even recommended an alternative and gave advice to budding cybercriminals.

The cryptocurrency phishing scammer behind some of the most high-profile and high-value Web3 thefts is claiming to have packed up shop and is “moving on to something better.”

The scammer by the pseudonym Monkey Drainer posted to their Telegram channel on Mar. 1 that they “will be shutting down immediately” and all “files, servers and devices” related to the drainer “will be destroyed immediately” and it “will not return.”

*Monkey Drainer’s full message posted to Telegram recommending an alternative service. Source: Telegram*

The scammer even gave advice to budding “young cyber criminals” saying they shouldn’t “lose themselves in the pursuit of easy money” and only those “with the highest level of dedication” should operate a “large scale cybercrime” outfit.

Monkey Drainer even recommended a “flawless” alternative service to the one they once offered named “Venom Drainer” and pointed to a Telegram account for the service that was created only a day before Monkey’s announcement.

Blockchain security firm PeckShield tweeted on Mar. 1 that Monkey Drainer scammer deposited around 200 Ether (ETH) worth $330,000 within the last day into the crypto mixing service Tornado Cash, attempting to obscure their funds. 840 ETH worth $1.4 million was still in their primary wallet.

#PeckShieldAlert Scammer #MonkeyDrainer, who runs theft schemes for multiple clients (a sort of 'scam-as-a-service') announced to shut down their service
~200 $ETH has been transferred to Tornado Cash within the last 24 hours, while ~840 $ETH (~$1.4M) sits in their main address pic.twitter.com/1lg3KLRxhk
— PeckShieldAlert (@PeckShieldAlert) March 1, 2023

Blockchain security firm CertiK also shared Monkey’s message on a Mar. 1 tweet, saying the crypto wallet-draining kit they offered is understood to take a 30% “commission” of funds stolen funds from others' use of the software.

Wallet-draining kits from other providers have copied the model, and CertiK pointed to other vendors already reporting an uptick in requests since Monkey Drainer announced the shutdown.

3/ Wallet drainer vendors have noted the payment structure Monkey introduced and have since copied

Below are a few examples that we’ve seen: pic.twitter.com/i62aU5t2pv
— CertiK Alert (@CertiKAlert) February 28, 2023

Monkey Drainer is understood to have operated since late 2022 and is estimated to have stolen up to $13 million worth of cryptocurrencies and nonfungible tokens (NFTs) since that time.

Other copycat phishing scammers and wallet-draining kits have stolen much more. A report from Web3 bug bounty platform Immunefi revealed $3.9 billion worth of crypto was lost to hacks, frauds, scams and rug pulls in 2022.

Possibly one of the single most high-profile and high-value theft by a wallet drainer in recent times was the January attack on Kevin Rose, the co-founder of the Moonbirds NFT collection.

Rose’s wallet was drained after he approved a malicious signature on a phishing website that transferred over $1.1 million worth of his personal NFTs to the attacker.

crypto drainer