An organization operating as a scam-as-a-service has illicitly obtained around $6 million worth of cryptocurrency assets from unsuspecting individuals.
A scammer known as “Inferno Drainer” has taken $5.9 million in assets from 4,888 victims over 689 phishing websites targeting well-known projects, according to a study from Web3 scam-detecting company Scam Sniffer.
According to the study, Inferno Drainer specializes in multi-chain schemes and gives con artists ready-to-use codes in exchange for 20% of the stolen funds.
After scrutinizing the relevant data on various chains such as Mainnet, Arbitrum, and BNB, it has been discovered that the perpetrators have successfully stolen approximately $5.9 million worth of assets and have targeted nearly 4,888 victims thus far.
The fraud was identified after 0xSaiyanGod, a Twitter user well-known for their expertise in security issues, came upon a scam service promotion while perusing the fraud Sniffer Telegram channel.
The security service launched an inquiry when the channel received a report about the con artist.
Then, Scam Sniffer discovered a snapshot proving a $103,000 transaction carried out through phishing fraud using a Permit2 vulnerability, which takes advantage of a streamlined token approval process.
After having the transaction hash, the Scam Sniffer team continued their hunt for the exploiter’s address. Eventually, they found it.
Since March 27, over $5.9 million has been taken from numerous networks, including Ethereum, Arbitrum, Polygon, and BNB Chain, thanks to the address’s links to over 689 phishing websites.
According to the study, one of the greatest victims lost assets totalling $400,000.
According to the study, through an examination of the addresses used for collecting on-chain funds, it was estimated that around 1,699 ETH had been stolen and dispersed among five significant addresses. The study further noted that each of these addresses typically holds a balance ranging from 300 to 400 ETH.
Cryptocurrency Scams and Hacks Keep Taking Lives
According to new research by AegisWeb3, crypto criminals generated almost 3,234 ETH over the past nine months, or more than $6 million, from false airdrops.
According to the research, between August 2022 and May, con artists used their phoney token claim frauds to cheat 14,605 victims.
Remember that a string of cryptocurrency frauds, hacks, and exploits resulted in nearly $103 million theft from unwary investors and projects in April.
A recent report from Certik, a crypto security and auditing firm, highlighted several significant hacking incidents during the month. These included a loss of $25.4 million resulting from the exploitation of MEV trading bots, a hot wallet exploit that led to the theft of $22 million from the Bitrue exchange, and a hack of the South Korean GDAC exchange resulting in a loss of $13 million.
In addition, over $74.5 million of the $145 million compromised by crypto and DeFi attacks in the four months of the year was lost in April.