Crypto Threats Persist: The Resurgence of Inferno Drainer
Malware Known as Inferno Drainer Resurfaces, Siphoning Off $9 Million from Cryptocurrency Wallets over a Six-Month Period.
In the crypto world, threats never seem to fade away. Take the case of Inferno Drainer, the notorious crypto-stealing malware that, despite announcing its retirement in late 2023, has made a roaring comeback, wreaking havoc on digital wallets to the tune of over $9 million.
Cybersecurity firm Check Point Research (CPR) has been tracking this resurgent malware campaign, reporting that over 30,000 crypto wallets have succumbed to its latest tricks. The majority of these attacks occurred on Ethereum and Binance Chain.
CPR analysts report that the smart contracts initially deployed in 2023 are still active, while the current version of Inferno Drainer seems to have been enhanced to make its attacks harder to detect and prevent. This updated version uses single-use smart contracts and on-chain encrypted configurations, making it hard to track and intercept.
In addition, the command-and-control server communication has been obfuscated via proxy-based systems, making tracking even more challenging. These tactics have enabled Inferno Drainer to maintain a steady stream of ill-gotten gains, as per CPR's analysis.
This comeback coincides with a phishing campaign targeting Discord users. The campaign employs social engineering techniques to trick victims into switching from a legitimate Web3 project's website to a counterfeit site mimicking the verification UX for the popular Discord bot Collab.Land. The fake site hosted a crypto drainer and lured unsuspecting victims into authorizing malicious transactions, giving attackers access to their funds.
To stay profitable, the malware campaign combines targeted deception and smart social engineering tactics. Crypto users are advised to exercise caution whenever they interact with unfamiliar platforms, even those that appear legit. The fake Collab.Land bot identified by CPR contained only subtle visual differences, hinting that the cybercriminals behind the deception are likely to continue refining their imitations.
Alas, Inferno Drainer isn’t the only threat lurking in the shadows. Hackers have been adopting increasingly sophisticated techniques to deliver crypto-stealing malware, using hacked mailing lists, open-source Python libraries, and even trojans preloaded on counterfeit Android phones.
Stay vigilant out there, crypto enthusiasts!
- In the world of cryptocurrency, malicious software like Inferno Drainer continues to pose significant threats, even after announcing retirement.
- Despite its retirement announcement in late 2023, Inferno Drainer has resurfaced, causing losses of over $9 million to digital wallets.
- Cybersecurity firm Check Point Research (CPR) has observed over 30,000 crypto wallets falling victim to the latest version of Inferno Drainer, with most attacks happening on Ethereum and Binance Chain.
- The current version of Inferno Drainer uses enhanced tactics, such as single-use smart contracts and on-chain encrypted configurations, making it difficult to detect and prevent attacks.
- In addition to these changes, the command-and-control server communication has been obfuscated via proxy-based systems, making it even harder to trace the malware.
- A recent phishing campaign targeting Discord users has been uncovered, employing social engineering techniques to trick victims into authorizing malicious transactions, thus giving attackers access to their funds.
- To stay profitable, Inferno Drainer combines deception and smart social engineering tactics, emphasizing the importance of exercising caution when interacting with unfamiliar platforms.
- Crypto users must also be wary of other threats like hacked mailing lists, open-source Python libraries, and counterfeit Android phones used for delivering crypto-stealing malware. Stay vigilant in the realm of finance, technology, and cybersecurity!