Here’s yet another interesting phishing scam that took place a few hours ago.
It appears the hacker used Inferno Drainer in this scam.
0xe265398BC6EA0A4Ae1de43De6e0fad81c205013b – Hacker
0x4Ea01f0D7DFCB0C894C2553c282Ce165c66865F0 – Hacker Contract
0xd44f48962E1E9146d9aaB3e326a34537c10D66B7 – Hacker Legacy Wallet
0x9f6bCC3d52624A2BE52A6b5499B582B98F7e5A41 – Victim
Above is connecting all 3 Hacker wallets to each other and the Victim.
The victim lost 218K in aEthWETH (Wrapped Aave Eth?)
Of particular interest to me in this one is connecting on-chain data with off-chain data.
For example, the hacker wallet of 0xe265398BC6EA0A4Ae1de43De6e0fad81c205013b [created a day ago] is funded by a contract of 0x4Ea01f0D7DFCB0C894C2553c282Ce165c66865F0 [also created a day ago] which was funded by 0xd44f48962E1E9146d9aaB3e326a34537c10D66B7.
0xd44f48962E1E9146d9aaB3e326a34537c10D66B7 has a Twitter account directly associated with the wallet. You can look that up on your own.
When investigating hacker/scammer activity, sometimes I have to go 3, 4 or 5+ jumps before finding anything of interest.
The deposit addresses associated with the above include
0xea985a702240Cb5eA3785434AB6BAAC74E7A7E59 – Binance
0xEecE0833f69159255426eedaf425bC3B38a20475 – Binance
0xd44f48962E1E9146d9aaB3e326a34537c10D66B7 – Binance
0xeB6634484Ba02495552B865eE04A1F8017380BB7 – AscendEX
0x7a63ec7aFFD8c5916B5DF52E830Ad38892C2E2d0 – FTX (lol)
As of now, the hacker wallet of 0xe265398BC6EA0A4Ae1de43De6e0fad81c205013b has about 255K in assets, 218K from one victim, the rest from a few other victims.
I’m sure the hacker will move these funds to intermediary or deposit addresses in the coming hours or days.
Stay safe out there!
submitted by /u/jbtravel84
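The hop-by-hop funding trace described in the post, as an added example that is not part of the original post: it walks backwards from the hacker wallet through its funders up to a hop limit and attaches the post's labels. The first two transfers follow the post's description; the placeholder address, the last two transfers, and the functions `normalize` and `trace_funders` are constructed for illustration.

```python
from collections import deque

# Labels from the post, keyed lower-case: explorers and RPC nodes return
# addresses in both EIP-55 mixed case and lower case.
LABELS = {
    "0xe265398bc6ea0a4ae1de43de6e0fad81c205013b": "Hacker",
    "0x4ea01f0d7dfcb0c894c2553c282ce165c66865f0": "Hacker Contract",
    "0xd44f48962e1e9146d9aab3e326a34537c10d66b7": "Hacker Legacy Wallet",
}
PLACEHOLDER = "0x" + "0" * 39 + "1"  # constructed address, not a real party

# (sender, recipient) funding transfers.
TRANSFERS = [
    ("0x4Ea01f0D7DFCB0C894C2553c282Ce165c66865F0", "0xe265398BC6EA0A4Ae1de43De6e0fad81c205013b"),
    ("0xd44f48962E1E9146d9aaB3e326a34537c10D66B7", "0x4Ea01f0D7DFCB0C894C2553c282Ce165c66865F0"),
    (PLACEHOLDER, "0xd44f48962E1E9146d9aaB3e326a34537c10D66B7"),  # constructed
    ("0xe265398BC6EA0A4Ae1de43De6e0fad81c205013b", PLACEHOLDER),  # constructed cycle
]

def normalize(addr):
    """Lower-case a 20-byte hex address, rejecting malformed input."""
    a = addr.strip().lower()
    if len(a) != 42 or not a.startswith("0x") or not set(a[2:]) <= set("0123456789abcdef"):
        raise ValueError(f"not a 20-byte hex address: {addr!r}")
    return a

def trace_funders(start, transfers, max_hops=5):
    """Breadth-first walk from `start` to its funders, their funders, and so on.

    Returns (hop, address, label) tuples in the order they were discovered.
    """
    funders = {}
    for sender, recipient in transfers:
        funders.setdefault(normalize(recipient), []).append(normalize(sender))
    start = normalize(start)
    seen = {start}  # prevents looping when funds cycle back to a known wallet
    queue = deque([(start, 0)])
    found = []
    while queue:
        addr, hop = queue.popleft()
        if hop == max_hops:
            continue  # hop budget spent on this branch
        for funder in funders.get(addr, []):
            if funder not in seen:
                seen.add(funder)
                found.append((hop + 1, funder, LABELS.get(funder, "unlabelled")))
                queue.append((funder, hop + 1))
    return found
```
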