A crypto whale has suffered a staggering loss of over $32 million as a result of a phishing attack. The incident, first reported by blockchain security service ScamSniffer, involved the signing of a malicious transaction that led to the theft of wrapped ether tokens from the decentralized finance (DeFi) protocol Spark.
The hacker drained 12,083 spWETH tokens from the victim's wallet, valued at approximately $32.4 million at current market rates. The attack was executed using the Inferno Drainer, a notorious scam-as-a-service platform that has stolen more than $215 million from over 200,000 victims.
The Inferno Drainer operates by tricking users into signing over control of their wallets through spoofed versions of popular DeFi applications. This sophisticated phishing technique has made the service infamous within the crypto community. According to blockchain intelligence firm Arkham, the operators of Inferno Drainer take a 20% commission on the stolen assets.
Despite being shut down in November 2023, the Inferno Drainer resurfaced in May 2024, boasting enhancements and new features. The service claims compatibility with 28 blockchains and hundreds of DeFi applications, making it a significant threat to crypto security.
The identity of the victim remains unconfirmed, though blockchain analyst ZachXBT has linked the wallet to a whale known as CZSamSun. Following the theft, a message from the victim's wallet offered a 20% reward for the return of the stolen funds, but no response has been received from the alleged scammer.
In light of this incident, analytics firm LookOnChain has issued a warning to the crypto community, advising individuals to avoid clicking on unknown links and to verify all signatures before signing transactions.