 | A few hours ago a single victim lost about 630K Aave ETH + a couple of NFTs. This appears to be the work of the new Inferno/Angel Drainer.
How did this Phishing Attack HappenThe victim appeared to sign multiple malicious transactions. Perhaps the victim engaged with a fake website that promised rewards or a fake airdrop page. Nevertheless, the victim gave the phishing scammer approvals for AETHWETH and two Doodles NFTs. The attack could of been much worse as the victim still currently has another 3.79M in AETHWETH and 479K in AETHUSDT in their wallet. Phishing attacks in Jan - Feb 2025 are actually down as compared to the same timeframe last year. Almost everyday this time last year, single victims were losing 6 and 7 figures to wallet drainers. Much of the reduction in phishing drainer losses can be attributed to improvements in anti-phishing technology like Blockaid. This latest attack appears to be a workaround that was not caught by these anti-phishing platforms. The cat and mouse game continues! Attributing the Attack to Inferno DrainerI've written about phishing attacks from Inferno Drainer before. Here's a few previous posts
Traditionally drainer services have operated by the 80/20 rule. 80% of the stolen assets go to the CUSTOMER and 20% go to the drainer ADMIN team. However, this isn't a hard rule. Sometimes the split can be 85/15, 75/25 or some variation. On Oct 20th 2024, the Inferno Drainer platform was acquired by Angel Drainer. The above is from the Inferno Drainer telegram channel announcing the transition to Angel Drainer. Some say the reason behind Inferno Drainer exiting the wallet drainer scene was due to law enforcement catching up while others believe the profitability and future growth potential was limited due to anti-phishing improvements. Nevertheless, the drainer platform former known as Inferno Drainer is now InfernoAngel Drainer. Following the FundsMost of the funds for InfernoAngel CUSTOMER - 0x9039085515506e6bB0b81Ab15bc4e155CB2eE039 is yet to be laundered. I'm showing about 516K in mostly ETH sitting in the wallet. There is some small deposits into 0xaDD6937C3Ee1BC8e22fd74226bdECAA428b1a8B9 - MEXC and 0x161647F0071D56B52467f7F0Ee54870954ac257E - Binance but those appear to be service addresses vs belonging to the attacker. I did notice about 34 ETH was sent to 0x201128051dFCfb3151917e488024CCFa9fC54d93, eventually bridged to Thorchain, and sent to a Litecoin address - ltc1qp2lyz9vrfzshnf0qj06cxhy2mt2lcpsxyvesmf The InfernoAngel ADMIN - 0x1FE92e288b2b2792BCdEe8b8F286e0ed16724Da6 wallet is only about 3 weeks old but also has significant assets yet to be laundered, about 666K at the time of this writing. A quick twitter search will show the numerous phishing scams connected to this address. For the funds that were laundered, I was able to find a number of deposit addresses linked directly to the Inferno ADMIN
Stay safe out there! [link] [comments] |
You can get bonuses upto $100 FREE BONUS when you:
π° Install these recommended apps:
π² SocialGood - 100% Crypto Back on Everyday Shopping
π² xPortal - The DeFi For The Next Billion
π² CryptoTab Browser - Lightweight, fast, and ready to mine!
π° Register on these recommended exchanges:
π‘ Binanceπ‘ Bitfinexπ‘ Bitmartπ‘ Bittrexπ‘ Bitget
π‘ CoinExπ‘ Crypto.comπ‘ Gate.ioπ‘ Huobiπ‘ Kucoin.
Comments