😳😳😳 Trader loses $1.28m in $PEPE and other #Altcoins👀🚀 to Inferno Drainer-linked #wallet🔥
A cryptocurrency trader recently lost over $1.28 million in digital assets after falling victim to a malicious permit transaction.
According to blockchain security firm PeckShieldAlert, on October 14, the investor was tricked into signing a phishing permit signature, resulting in the loss of 108 billion PEPE, 73.8 million APU, and 165,000 MSTR tokens.
This type of attack, known as an approval phishing attack, transfers control of the victim's wallet to the attacker, allowing them to drain the stored assets. The victim's wallet, identified as "0xb0b..40c7," lost around $1.2 million worth of cryptocurrencies through six transactions, with the stolen funds dispersed across multiple addresses controlled by the attackers.
One of the attacker’s wallets, named "Fake_Phishing442846," was involved in a similar attack two weeks earlier, in which $32 million worth of spWETH tokens were stolen. In that case, the victim had also signed a malicious transaction.
Blockchain intelligence firm Arkham revealed that these attacks were carried out using a service called Inferno Drainer, a phishing-as-a-service tool. Inferno Drainer allows criminals to create fraudulent websites and apps designed to deceive users into surrendering control of their wallets. The developers of Inferno Drainer charge 30% for phishing website creation and another 20% per successful scam.
Inferno Drainer has reportedly been behind the theft of $237.8 million from over 200,000 victims, according to Dune analytics data. The service initially shut down in November 2023 but resurfaced in May 2024 due to renewed demand.
Phishing attacks, especially approval phishing, have drained over $2.7 billion since 2021, according to Chainalysis. Recently, a wallet lost $35 million in fwDETH tokens to a fraudulent transaction. CertiK’s Q3 report highlighted phishing as the most damaging attack, with $343.1 million lost in 65 incidents during the quarter.
Source - crypto.news