Inferno Drainer was reportedly used to steal the most funds, draining $81 million from 134,000 victims.
In a report, Scam Sniffer identified that wallet drainers stole $295.5 million in crypto assets from more than 324,000 victims over the past year — with the largest amount stolen from a single user being $24 million.
The malware is deployed on phishing websites, using services like Cloudflare to mask their actual server addresses. The sites are designed to trick users into signing malicious transactions with their crypto wallets, enabling the scammers to steal their funds.
Notably, when older wallet drainers exit the scene, others swiftly take their place — compounding the cycle of phishing activities throughout the year.
The latest example came just yesterday, with Bill Lou, CEO and co-founder of security-focused crypto wallet app Nest, falling victim to a crypto phishing scam that drained 52 stETH ($125,000) from his MetaMask wallet. The attack was related to a fake airdrop guide for the new LFG token, which seeks to onboard Ethereum big fee spenders to Solana.
Phishing methods included hacking crypto projects’ front-end websites or official X and Discord accounts to generate traffic to malicious sites. Alternatives included airdrops of NFTs or tokens, spam comments on social media and paid traffic via Google search ads.
“Although hacking attacks have a broad impact, the community often reacts promptly, typically within 10-50 minutes,” Scam Sniffer wrote. “However, airdrops, organic traffic, paid advertising and taken-over Discord links are much less noticeable.”