Key Highlights
- A crypto whale lost $32 million in wrapped ether due to a phishing attack.
- The scam used Inferno Drainer, a scam-as-a-service software known for spoofing DeFi apps.
- Inferno Drainer has stolen over $215 million from 200,000 victims worldwide.
- Blockchain analysts warn investors to avoid unfamiliar links and verify all transactions before signing.
A crypto whale has reportedly lost $32 million in a phishing attack orchestrated using the notorious Inferno Drainer software. The victim's funds, amounting to 12,083 wrapped Ether tokens (spWETH), were linked to the decentralized finance platform Spark and drained by malicious transactions.
How the Phishing Attack Unfolded
The attack was first reported on September 25, when blockchain security firm ScamSniffer flagged the incident on X (formerly Twitter). The malicious transaction was connected to Inferno Drainer, a phishing tool that creates fake versions of popular decentralized finance (DeFi) apps.
Users, unknowingly, sign transactions that give scammers control over their crypto wallets. In this case, the whale lost over $32 million worth of wrapped ether, marking one of the biggest crypto losses this year.
The Inferno Drainer software is infamous for its phishing schemes, and according to Arkham Intelligence, it has been responsible for draining over $215 million from various victims. The software had previously been shut down in November 2023 but re-emerged in May 2024 with "new staff and better features." Now, it supports 28 blockchains and hundreds of DeFi apps, making it an even more dangerous threat.
The Crypto Whale Behind the Loss
The identity of the whale remains unconfirmed, but blockchain investigator ZachXBT linked the compromised wallet to a whale named CZSamSun.
Not to be confused with the well-known researcher @samczsun from Paradigm, CZSamSun reportedly lost 12,083 spWETH, worth approximately $32.4 million, to this phishing attack. The whale's wallet sent a message offering a 20% reward for the return of the stolen funds, but there has been no response from the scammers.
LookOnChain, another blockchain analytics platform, has advised crypto users to be cautious. "To avoid being phished, please don’t click on any unknown links and don’t sign any unknown signatures," the platform stated in a warning on X.
Inferno Drainer’s Track Record of Theft
Inferno Drainer has been a major player in crypto phishing attacks since its creation, running as a scam-as-a-service operation.
The software allows cybercriminals to deploy spoofed DeFi apps and trick victims into handing over control of their wallets. Operators of Inferno Drainer reportedly take a 20% cut of stolen tokens as commission.
The service's resurgence in 2024 came with claims of enhanced features, allowing it to function across multiple blockchains. While it was shut down for a brief period in 2023, it has since evolved and posed an even bigger threat, supporting scams across 28 different blockchain networks.
Final Notes
This incident serves as a stark reminder of the risks involved in the crypto space. The crypto whale who lost $32 million in the phishing attack shows the importance of practicing caution when interacting with DeFi platforms.
Blockchain experts emphasize verifying every transaction and avoiding unfamiliar links. As phishing tools like Inferno Drainer become more sophisticated, crypto investors must remain vigilant to protect their assets from malicious schemes.