The official website for the Pepe (PEPE) memecoin has been compromised by attackers, who are redirecting users to a malicious link.
“Blockaid’s system has identified a front-end attack on Pepe. The site contains a code of inferno drainer,” the cybersecurity company said on Thursday. Blockaid’s Threat Intelligence Team told Cointelegraph:
“Blockaid detected Inferno drainer code on the Pepe front end, matching a known drainer family we regularly identify. This is a front-end compromise, where users are redirected to a fake site that injects malicious code to drain wallets.”
Inferno Drainer is a suite of scam tools that is employed by threat actors, including phishing website templates, wallet drainers and social engineering tools.
The price of PEPE did not react immediately to the hack. The memecoin is up by about 4% over the last 24 hours, but is down by more than 77% over the last 12 months, according to CoinGecko.
Cointelegraph reached out to the Pepe team for comment but did not receive a response by the time of publication.
This latest cybersecurity incident highlights the ongoing need for vigilance among crypto users as a defense against phishing scams and other cybersecurity threats. Users are encouraged to stay clear of the site until the issue is resolved.
Related: Memecoin market sinks to 2025 low as $5B wiped out in a day
Inferno Drainer activity ramps up, despite claims that the malware would go offline
Inferno Drainer usage tripled in 2024, according to Blockaid, despite the team behind Inferno Drainer claiming that they would shutter the scam service in 2023.
“At the beginning of the year, we saw about 800 new malicious Inferno Drainer DApps per week. Now, that number has tripled to 2,400 per week,” Oz Tamir, a former Blockaid engineer, told Cointelegraph in August 2024.
Since that time, the Inferno Drainer group and suite of tools have been linked to several social engineering scams, social media exploits and malware-related crypto thefts, including the hack of the BNB X page in October.
The attackers took control of the X account and posted several malicious links, which directed users to connect their wallets.
Binance co-founder Changpeng “CZ” Zhao sounded the alarm on the hack and directed users not to interact with the links until the issue was resolved.
Magazine: 2 auditors miss $27M Penpie flaw, Pythia’s ‘claim rewards’ bug: Crypto-Sec
