A prominent crypto whale has lost more than $32 million worth of tokens after signing a malicious transaction, according to blockchain security service ScamSniffer. The breach targeted the victim’s wallet through Spark’s decentralized finance (DeFi) platform and resulted in the theft of 12.083 wrapped ether (spWETH) tokens.
At present prices, the stolen tokens amount to around $32.4 million. The attack was connected to a fraud-based operation called Inferno Drainer. This group has executed widespread assaults on cryptocurrency users across multiple decentralized networks.
Arkham Intelligence has identified the wallet as possibly belonging to Shixing Mao, also known as Discus Fish, one of the co-founders of F2Pool and Cobo. However, Arkham’s AI-based identification of the wallet owner has a low confidence level. Even after such a loss, Arkham data reveals that the wallet still contains cryptocurrencies valued at approximately $5.44 million.
Victim is allegedly tied to a whale named CZSamSun
Inferno Drainer operates by taking a 20% commission on stolen funds. In November 2023, the developers closed the service down, but it came back online in May 2024. The renewed scam claimed to have “new employees,” “improved assistance,” and ” updated functions,” making it more perilous than before.
Crypto sleuth ZachXBT also pointed out that the owner of the wallet has been involved in a number of large transactions with another popular account. According to ZachXBT, the wallet owner and the other entity found on the DeBank platform under the name ‘czsamsun’ moved nine-figure sums, which points to the two being related.
“Victim and czsamsun on Debank have done 9 figures in transfers with each other, so seems likely it’s the same entity.”
ZachXBT
Following the attack, a message was received in the victim’s wallet proposing a 20% reward for returning the lost funds.
Phishing schemes surge in cryptocurrency space
This event has triggered alerts in the DeFi space and encourages users to be cautious with transactions they do not recognize. Blockchain analytics firm LookOnChain issued a warning on X about phishing scams and how not to be a target.
“To avoid being phished, please do not click on any unknown links and do not sign any unknown signatures,” LookOnChain stated.
The Inferno Drainer scam is part of a rise in phishing schemes that prey on DeFi participants. In May 2023, Pink Drainer, another phishing-as-a-service platform, shut its services after obtaining $75 million in crypto from almost 20,000 victims.
According to ScamSniffer, losses from phishing scams in cryptocurrency reached over $173 million in Q1 2024 alone. The FBI also highlighted the rising danger and revealed that losses from phishing totaled more than $9.6 million in 2023.