Crypto Whale Loses $32 Million in Phishing Attack Using Inferno Drainer Software

Hack Scam Whale
The stolen assets amounted to 12,083 wrapped ether tokens (spWETH).
Last updated:
Author
Author
Ruholamin Haqshanas
About Author

Ruholamin Haqshanas is a contributing crypto writer for CryptoNews. He is a crypto and finance journalist with over four years of experience. Ruholamin has been featured in several high-profile crypto...

Last updated:
Why Trust Cryptonews
Cryptonews has covered the cryptocurrency industry topics since 2017, aiming to provide informative insights to our readers. Our journalists and analysts have extensive experience in market analysis and blockchain technologies. We strive to maintain high editorial standards, focusing on factual accuracy and balanced reporting across all areas - from cryptocurrencies and blockchain projects to industry events, products, and technological developments. Our ongoing presence in the industry reflects our commitment to delivering relevant information in the evolving world of digital assets. Read more about Cryptonews
Ad DisclosureWe believe in full transparency with our readers. Some of our content includes affiliate links, and we may earn a commission through these partnerships. Read more

A crypto whale has reportedly fallen victim to a phishing attack, losing over $32 million in tokens due to a malicious transaction.

The incident was initially flagged by blockchain security firm ScamSniffer on the social media platform X.

The stolen assets, amounting to 12,083 wrapped ether tokens (spWETH), were linked to the decentralized finance (DeFi) protocol Spark and are valued at approximately $32.4 million.

According to blockchain intelligence company Arkham, the attack was orchestrated using the Inferno Drainer, a notorious scam-as-a-service tool.

The software targets users by creating fake versions of popular DeFi applications, deceiving them into signing transactions that hand over control of their wallets.

Inferno Drainer has reportedly been responsible for stealing over $215 million from more than 200,000 victims throughout its existence, as highlighted by a Dune Analytics dashboard created by ScamSniffer.

The service’s operators allegedly take a 20% commission on stolen tokens.

Although Inferno Drainer was shut down by its developers in November 2023, it resurfaced in May 2024 with claims of improved features, new staff, and support for 28 different blockchains and hundreds of DeFi apps.

The identity of the victim remains unconfirmed, but blockchain investigator ZachXBT noted significant transactions linking the compromised wallet to a whale known as CZSamSun, not to be confused with the Paradigm researcher known as @samczsun on X.

In a message sent from the victim’s wallet, a 20% reward was offered for the return of the stolen funds, though no response has been received from the alleged scammer.

Blockchain analytics firm LookOnChain advised users to exercise caution by avoiding unfamiliar links and verifying all transactions before signing, to prevent falling prey to similar attacks.

Fake Wallet App Steals $70K in Crypto

A fraudulent cryptocurrency wallet app on Google Play has reportedly stolen $70,000 from users in a sophisticated scam that has been described as a world-first for targeting mobile users exclusively.

The malicious app, named WalletConnect, mimicked the reputable WalletConnect protocol but was, in fact, a sophisticated scheme to drain crypto wallets.

The deceptive app managed to deceive over 10,000 users into downloading it, according to Check Point Research (CPR), the cybersecurity firm that uncovered the scam.

The scammers behind the app were well aware of the typical challenges faced by web3 users, such as compatibility issues and the lack of widespread support for WalletConnect across different wallets.

They cleverly marketed the fraudulent app as a solution to these problems, taking advantage of the absence of an official WalletConnect app on the Play Store.

In another attempt, Cybersecurity scammers are using automated email replies to compromise systems and deliver stealthy crypto mining malware.

This comes on the heels of another malware threat identified in August.

The “Cthulhu Stealer,” which affects MacOS systems, similarly disguises itself as legitimate software and targets personal information, including MetaMask passwords, IP addresses, and cold wallet private keys.

More Articles

Altcoin News
Andreessen Horowitz Scales Back UK Operations Amid Trump’s Pro-Crypto Policy Push
Ruholamin Haqshanas
Ruholamin Haqshanas
2025-01-25 11:28:20
Bitcoin News
Nasdaq Seeks In-Kind Creation and Redemption for BlackRock Spot Bitcoin ETF
Ruholamin Haqshanas
Ruholamin Haqshanas
2025-01-25 11:20:43
Crypto News in numbers
editors
Authors List + 66 More
2M+
Active Monthly Users Around the World
250+
Guides and Reviews Articles
8
Years on the Market
70
International Team Authors