A new scam service dubbed "Inferno Drainer" has reportedly stolen nearly $6 million from unsuspecting crypto users, according to Web3 scam detection firm Scam Sniffer. Inferno Drainer reportedly advertises that it provides scammers with ready-made codes that allow them to ste al cryptocurrency in exchange for 20% of the scammers' cryptocurrency “loot.” The scam service was discovered by security enthusiast and anonymous Twitter user 0xSaiyanGod, who happened to come across the promoter of the service while browsing the Scam Sniffer Telegram channel. The Saiyan report ed the cheater to the channel, and security began an investigation. Scam Sniffer found a screenshot showing a $103,000 leaked transaction using the Permit2 exploit. The Permit2 exploit is a phishing scam that relies on a simplified version of the token approval process.
As Scam Sniffer said, screenshots showing the stolen transaction hash prompted the team to search for the transaction, which led to the discovery of the exploiter's address. Scam Sniffer later discovered that the address was associated with more than 689 phishing site s created since March 27 and had extorted $5.9 million from victims on various networks including Ethereum, Arbitrum, Polygon, and BNB Chain . Scam Sniffer created a Dune analytics dashboard to reveal the data that validates this conclusion.
Inferno Drainer reportedly advertises its "services" to scammers in exchange for a 20% cut of profits. It even offered to set up phishing sites for clients in exchange for 30%, but only for "good clients or people with potential." Scam- as-a-service has become a growing problem in the crypto community over the past few months. ZachXBT discovered a similar service called "Monkey Drainer" in October. It lost at least $1 million in ETH from users before shutting down in March.
