Scam-as-a-Service | Breaking Cybersecurity News | The Hacker News

The operators behind the now-defunct  Inferno Drainer  created more than 16,000 unique malicious domains over a span of one year between 2022 and 2023. The scheme "leveraged high-quality phishing pages to lure unsuspecting users into connecting their cryptocurrency wallets with the attackers' infrastructure that spoofed Web3 protocols to trick victims into authorizing transactions," Singapore-headquartered Group-IB  said  in a report shared with The Hacker News. Inferno Drainer, which was active from  November 2022 to November 2023 , is estimated to have reaped over  $87 million in illicit profits  by scamming more than 137,000 victims. The malware is part of a broader set of similar offerings that are available to affiliates under the scam-as-a-service (or drainer-as-a-service) model in exchange for a 20% cut of their earnings. What's more, customers of Inferno Drainer could either upload the malware to their own phishing sites, or make use of t...

Cybersecurity researchers are warning about an increase in phishing attacks that are capable of draining cryptocurrency wallets. "These threats are unique in their approach, targeting a wide range of blockchain networks, from Ethereum and Binance Smart Chain to Polygon, Avalanche, and almost 20 other networks by using a crypto wallet-draining technique," Check Point researchers Oded Vanunu, Dikla Barda, and Roman Zaikin  said . A prominent contributor to this troubling trend is a notorious phishing group called Angel Drainer, which advertises a "scam-as-a-service" offering by charging a percentage of the stolen amount,  typically 20% or 30% , from its collaborators in return for providing wallet-draining scripts and other services. In late November 2023, a similar wallet-draining service known as Inferno Drainer announced that it was  shutting down its operations  for good after helping scammers plunder over $70 million worth of crypto from 103,676 victims sinc...

More details have emerged about a malicious Telegram bot called  Telekopye  that's used by threat actors to pull off large-scale phishing scams. "Telekopye can craft phishing websites, emails, SMS messages, and more," ESET security researcher Radek Jizba  said  in a new analysis. The  threat actors behind the operation  – codenamed Neanderthals – are known to run the criminal enterprise as a legitimate company, spawning a hierarchical structure that encompasses different members who take on various roles. Once aspiring Neanderthals are recruited via advertisements on underground forums, they are invited to join designated Telegram channels that are used for communicating with other Neanderthals and keeping track of transaction logs. The ultimate goal of the operation is to pull off one of the three types of scams: seller, buyer, or refund. In the case of the former, Neanderthals pose as sellers and try to lure unwary Mammoths into purchasing a non-ex...