Inferno Drainer’s Attempt to Launder ETH Fails — ‘Not Welcome’ in Railgun

By Vy Tran | July 12, 2024

The notorious wallet-draining group Inferno Drainer attempted to launder $530,000 worth of stolen ETH through Railgun, but quickly discovered it couldn’t.

Railgun, a crypto privacy protocol, has a built-in tool to filter out bad actors, which thwarted Inferno Drainer’s latest laundering attempt. On July 10, MistTrack reported on X that a day earlier, an attempt to launder a little over 174 Ether (worth $533,000 at current prices) was blocked by Railgun, forcing the stolen ETH to be sent back to Inferno Drainer’s original wallet address.

Alan Scott Jr, a Railgun contributor, told Cointelegraph that Inferno’s attempt to use the Ethereum-based privacy protocol was rejected by Railgun’s automated private proofs of innocence (PPOI) system.

Once the PPOI system was activated, “the tokens could only return to the attacker’s address — they were not welcome in RAILGUN,” Scott said.

“The fact that this attacker could only send tokens back to the original shielding wallet is by design. This is part of PPOI. This technology is brand new, but this is a great example that shows it works.”

Founded in January 2021, Railgun uses zero-knowledge (ZK) cryptography to shield wallet balances, transaction history, and transaction details, allowing users to use decentralized apps (DApps) on Ethereum or other supported chains while maintaining privacy.

Railgun’s PPOI system was launched by the protocol’s researchers and contributors in January 2023. It uses cryptographic assurance to ensure that tokens entering the Railgun smart contract are not from a known list of undesirable transactions or actors. Users must create a ZK proof that their funds are not part of a pre-set list of transactions and wallets.

Scott explained that the PPOI system works by identifying transactions linked to nefarious actors and then blocking those tokens from being processed through the protocol. The only option available to the sender is to withdraw the tokens back to the original address.

“That transaction flow remains trackable, and attempting to use Railgun provides zero privacy to that actor,” he said.

According to Dune Analytics data, Inferno Drainer has stolen over $180 million in crypto from more than 189,000 victims since its inception in August 2023.

Inferno Drainer has co-opted more than $196 million since August 2023. Source: Dune Analytics

In April, Railgun countered claims from independent crypto reporter Colin Wu, who alleged that the protocol had been used by the North Korean hacking consortium Lazarus Group.

Despite blockchain security firm Elliptic labeling Railgun a “prime alternative to Tornado Cash” after the United States government imposed sanctions against the crypto mixer, Ethereum co-founder Vitalik Buterin has defended the protocol on the grounds that privacy is “normal.”

Source: Cointelegraph
