Inferno Drainer Scammer Returns Over $5 Million of Stolen Funds

Reading Time: 2 minutes
  • Scammers have returned roughly 80% of stolen funds to a victim
  • The scammers kept 20% of the funds as bounty
  • The malicious actors used wallet-draining service Inferno Drainer

Less than a day after a victim lost close to $7 million in ETH in a phishing attack, the victim has recovered most of the funds after the scammers returned 80% of the funds. The malicious actors used Inferno Drainer, a crypto wallet-draining service that announced it was shutting down six months ago. The refund is a very rare occurrence in the blockchain world and comes when another wallet-draining service, Pink Drainer, advised scammers to “take a step back from the grind.”

Just Careless with their Funds?

According to blockchain analytics firm SlowMist’s co-founder Yu Xian, the malicious actors “used the permit offline authorization signature” to siphon 1,807 ETH worth roughly $7 million at the time of writing.

Hours later, Scam Sniffer reported that the scammers had returned 1,445 ETH worth around $5.6 million back to the victim. The malicious actors seemingly kept 362 ETH or 20% of the funds as a bounty.

According to on-chain sleuth ZachXBT, this isn’t the first time the victim has been scammed. Last year, they lost $638K in a phishing attack. ZachXBT wasn’t sympathetic with the victim saying that they were “just careless with their funds.”

Scammers Posing as DeFi Protocol Developers

The permit function used by the malicious actors is a genuine blockchain feature found on the Ethereum blockchain that eases connection to smart contracts. The feature has in the past been exploited netting scammers over $60 million in crypto.

In a recent blog post, SlowMist recommended the use of “authorization tools like RevokeCash” to sniff any suspicious authorizations. Apart from using genuine blockchain code, scammers are also posing as DeFi protocol developers and using bit-flip attacks to steal funds.

Although the victim was lucky to get back most of the funds, it’s unclear why the scammers opted to return the funds.

 

Share