Scam-as-a-Service on the Rise

A surge in crypto wallet-draining attacks, facilitated by groups like Angel Drainer, is causing concern in the cybersecurity community.


Inferno Drainer’s Million-Dollar Heist

Inferno Drainer, a prominent wallet-draining service, shut down after helping scammers steal over $70 million from thousands of victims.


Protecting Your Crypto

To mitigate risks, experts recommend using hardware wallets, verifying smart contracts, and regularly reviewing wallet allowances for signs of suspicious activity.

crypto currency, bitcoin, blockchain-3130382.jpg

News > Cyber-Security > CS-General
by Kevin Wood

Rise of Scam-as-a-Service: Crypto Wallet Attacks on the Rise



Innovative Scam-as-a-Service Model Fuels Surge in Crypto Wallet Attacks

Cybersecurity experts are sounding the alarm as phishing attacks capable of draining cryptocurrency wallets are on the rise. These threats represent a new breed of cybercrime, targeting multiple blockchain networks, including Ethereum, Binance Smart Chain, Polygon, Avalanche, and nearly 20 others, employing a technique known as crypto wallet-draining. Researchers from Check Point, including Oded Vanunu, Dikla Barda, and Roman Zaikin, are issuing a strong warning about this disturbing trend.

Angel Drainer: Leading the Pack

At the forefront of this concerning trend is a notorious phishing group known as Angel Drainer. This group is boldly offering a “scam-as-a-service” model, charging a percentage, often 20% or 30%, of the stolen amount as compensation for their services. In this arrangement, they provide wallet-draining scripts and other essential tools for cybercriminals.

Inferno Drainer Shuts Down After Looting Millions

In late November 2023, another similar service called Inferno Drainer made headlines by announcing the end of its operations. This decision followed its involvement in the theft of over $70 million worth of cryptocurrencies from 103,676 victims since its launch in late 2022. Scam Sniffer, a Web3 anti-scam solution provider, described Inferno Drainer as specializing in multi-chain scams and charging 20% of the stolen assets.

In a farewell message posted on its Telegram channel, an actor from Inferno Drainer thanked its collaborators and customers, signifying the end of an era for one of the most prolific crypto wallet-draining services.

The Anatomy of Crypto Wallet-Draining Services

At the heart of these services is a crypto-draining kit specifically designed to facilitate cryptocurrency theft by transferring funds from victims’ wallets without their knowledge or consent. This malicious act is typically achieved through airdrop or phishing scams. Cybercriminals trick their targets into connecting their wallets to counterfeit websites, often promoted through malvertising schemes or unsolicited emails and messages on social media.

A Rising Threat: Google and X (formerly Twitter) Phishing Scam

Earlier this month, Scam Sniffer uncovered a phishing scam where fraudulent advertisements for cryptocurrency platforms on Google and X (formerly Twitter) redirected users to suspicious websites that siphoned funds from their digital wallets. In this particular scheme, users were lured into interacting with a malicious smart contract, falsely promising an airdrop, which surreptitiously increased the attacker’s allowance through functions like “approve” or “permit.” Unbeknownst to the user, this granted the attacker access to their funds, allowing for token theft without any further interaction. To further obfuscate their tracks, attackers employed methods like mixers or multiple transfers before liquidating the stolen assets.

Protecting Yourself Against Crypto Wallet Attacks

To safeguard against these increasingly sophisticated scams, users are strongly advised to take several precautions:

  1. Use Hardware Wallets: Consider using hardware wallets to store your cryptocurrencies securely. These devices offer enhanced protection compared to software wallets.
  2. Verify Smart Contracts: Before interacting with any smart contract or airdrop, double-check its legitimacy. Ensure that it is from a trusted source.
  3. Review Wallet Allowances: Periodically review your wallet allowances to detect any suspicious activity. Unauthorized changes in permissions could be a sign of an impending attack.

The rise of Scam-as-a-Service operations highlights the need for heightened vigilance within the cryptocurrency community. As cybercriminals continue to evolve their tactics, users must stay informed and take proactive steps to protect their digital assets.

“Unknowingly, the user grants the attacker access to their funds, enabling token theft without further user interaction.”


  • Beware of Phishing: Be cautious of unsolicited messages, emails, or ads promising crypto rewards, especially on social media or search engines.
  • Hardware Wallets for Security: Consider using hardware wallets to keep your cryptocurrencies safe from online threats.
  • Verify Smart Contracts: Always double-check the legitimacy of smart contracts and airdrops before interacting with them.
  • Review Wallet Permissions: Periodically review your wallet’s permissions and settings to detect any unauthorized changes.
  • Stay Informed: As cybercriminal tactics evolve, staying informed about the latest threats is crucial to safeguarding your digital assets.
  • For more information and updates on cryptocurrency security, please reach out to us at