The NFT ecosystem is no stranger to scams and fraudulent activities, but a new player has entered the field, raising alarm bells within the crypto community. It goes by the name of “Inferno Drainer”, and it’s causing quite a stir.
Inferno Drainer is a malicious software provider allegedly linked to thousands of scams resulting in the theft of several million dollars. It’s a type of “malware-as-a-service” product that provides the software and malicious site hosting, with charges based on the amount stolen. The scammer reportedly charges 20% to 30% of the stolen assets in exchange for their malicious software, which is then used to create fraudulent websites.
Read also: The NFT impact: conventional and digital art
Scam Sniffer, a platform specializing in the identification of scams, revealed that by analyzing off-chain and on-chain data on Ethereum, Arbitrum, BNB Chain, and other chains, they identified 4,888 victims who collectively lost over $5.9 million in cryptocurrencies and NFTs due to Inferno Drainer. Approximately 1,699 ETH is reported to have been stolen and distributed across five different addresses, each holding between 300 and 400 ETH.
The extent of these scams was discovered when a suspected Inferno Drainer member named “Mr Inferno” appeared in a Scam Sniffer’s Telegram group, leading to the discovery of a website promoting the scammer’s services. Inferno is reported to have created nearly 689 phishing websites since March 27, 2023, but the illicit activities could have started even earlier.
What Projects Are the Main Target?
The scammers targeted some of the most well-known brands in the crypto ecosystem, such as Pepe, Collab.Land, zkSync, MetaMask, and Nakamigos, among others, with a total of about 220 brands believed to have been used to deceive users.
The victim who suffered the greatest losses had nearly $400,000 worth of assets stolen. In a desperate attempt, the victim tried to negotiate with the scammer, offering to let them retain 50% of the stolen goods.
It’s worth noting that Inferno Drainer is not the first of its kind. Last month, a similar “Scam as a Service” called Venom Drainer was identified by Scam Sniffer, which drained $27M from 15k victims and created 530 phishing sites targeting around 170 brands.
Despite the bear market, crypto scams are still frequent. A recent study by Crystal Blockchain revealed that 2022 emerged as the worst year on record for crypto fraud, with 120 separate incidents reported, representing a 28% increase compared to 2021. However, the total value lost across all incidents in 2022 was less than half of that in 2021, when the total funds lost in crypto scams reached $4.6 billion. This decrease can likely be attributed to the ongoing bear market which began in May 2021.
While NFT scams are a significant concern, decentralized finance (DeFi) breaches have now emerged as the most common type of crypto attack, according to the same study. Nevertheless, Inferno Drainer’s activities serve as a stark reminder of the risks associated with the NFT ecosystem, highlighting the need for increased awareness, robust security measures, and careful due diligence.