Security

Check Point Research uncovered a sophisticated phishing campaign that abuses Discord and targets crypto users. Attackers redirects users from a legitimate Web3 website to a fake Collab.Land bot and then to a phishing site, tricking them into signing malicious transactions. The drainer script deployed on that site was directly linked to Inferno Drainer. Despite publicly shutting down in late 2023, Inferno Drainer remained fully operational. Smart contracts deployed in 2023 continued to be used into 2025. Recent campaigns show notable technical upgrades and infrastructure improvements. Inferno Drainer employs advanced anti-detection tactics — including single-use and short-lived smart contracts, on-chain encrypted configurations, and proxy-based communication — successfully bypassing wallet security mechanisms and anti-phishing blacklists. In just the last six months, more than 30,000 wallets were victimized by Inferno Drainer, resulting in at least $9 million in losses. The combination of evolving technical sophistication and convincing social engineering continues to drive the success of these attacks.