According to PANews, a recent report by cybersecurity firm Check Point Research (CPR) reveals that the cryptocurrency-stealing malware Inferno Drainer remains active despite claims of ceasing operations in November 2023. Over the past six months, the malware has stolen more than $9 million, targeting over 30,000 cryptocurrency wallets, primarily those of Ethereum and BNB Chain users.
Researchers discovered that Inferno Drainer's smart contracts, deployed in 2023, continue to operate. The latest version of the malware employs single-use smart contracts and on-chain encrypted configurations, significantly enhancing its stealth capabilities. Its command and control servers use a proxy system to obfuscate communications, making the attacks more challenging to trace.
Recently, the malware has been executing phishing attacks by mimicking the verification interface of the well-known Discord bot Collab.Land, exploiting "subtle visual differences" to trick users into signing malicious transactions. CPR warns that even experienced users might lower their guard, as the legitimate Collab.Land requires wallet signature verification.
CPR advises users to verify the authenticity of platforms before connecting their wallets to prevent falling victim to such attacks.
