A new scam as a service called “Inferno Drainer” has reportedly stolen nearly $6 million from unsuspecting crypto users, according to Web3 scam detecting firm Scam Sniffer. Inferno Drainer reportedly advertises that it provides ready-to-go code to scammers, allowing them to steal crypto in exchange for a 20% cut of the scammer’s crypto “loot”.
1/ Inferno Drainer, a scam vendor specializing in multi-chain scams, has stolen $5.9 million in assets from nearly 4,888 victims through over 689 phishing websites targeting popular projects.https://t.co/OEjdzHm2Ls
— Scam Sniffer (@realScamSniffer) May 19, 2023
The scam service was discovered by security enthusiast and pseudonymous Twitter user 0xSaiyanElite, who happened to run across a promoter of it while browsing the Scam Sniffer Telegram channel. Saiyan reported the scammer to the channel, and the security service began an investigation. They found a screenshot showing a $103,000 drain transaction using a Permit2 exploit. Permit2 exploits are phishing scams that rely on a simplified version of the token approval process.
As told by Scam Sniffer, the screenshot showed the transaction hash of the theft, prompting the team to search up the transaction, which uncovered the exploiter’s address. Scam Sniffer then found the said address was associated with over 689 phishing websites created since March 27 and had drained $5.9 million from victims on various networks, including Ethereum, Arbitrum, Polygon, and BNB Chain. Scam Sniffer created a Dune analytics dashboard to reveal the data validating this conclusion.
According to the report, Inferno Drainer advertised its “service” to scammers in return for 20% of profits. It even offered to build phishing sites for customers in exchange for 30%, but only for “good customers or people with big potential.”
Scams as services have become an increasing problem in the crypto community over the past few months. A similar service called “Monkey Drainer” was discovered by ZachXBT in October. It drained at least $1 million in ETH from users before shutting down in March.