Inferno Drainer Malware Targets Ambient Finance in DNS Hijacking

Following a recent cyberattack targeting Ambient Finance, a decentralized exchange (DEX), the platform reassured users that their assets and smart contracts remain secure. Nevertheless, Ambient Finance issued a warning, advising users to refrain from interacting with the website interface until further notice.

In a tweet published on October 19, the company confirmed that, although the core infrastructure remained intact, a DNS attack had compromised the website’s interface.

On October 17, hackers gained unauthorized access to Ambient Finance’s domain and inserted malicious links, redirecting users to pages designed to steal digital assets. The platform responded swiftly, suspending the website’s usage and urging users not to connect their wallets or take any action until the threat was mitigated.

Ambient Finance emphasized that user safety is its top priority and recommended temporarily revoking permissions to interact with the platform while a full investigation is conducted. In its statement, the team noted that they are already working with security experts and the domain registrar to restore normal operations as soon as possible.

An analysis conducted by Blockaid revealed that the attack was carried out using malware called Inferno Drainer, specifically designed to steal digital assets. The server from which the hack was launched was set up just 24 hours before the incident, indicating the rapid preparation of the attack.

Founded in 2021, Ambient Finance operates a decentralized exchange (DEX). Last year, the platform raised $6 million in a seed funding round, backed by prominent investors, including Blocktower and Circle Ventures.