• The official Pepe memecoin website has been compromised.
• Hackers added Inferno Drainer malware, redirecting users to a fake site.
• Cybersecurity firm Blockaid confirmed a front-end attack.
• Users warned to avoid the website until the exploit is fixed.
• Inferno Drainer activity has tripled in 2024, driving major crypto thefts.

The official website of the popular Pepe (PEPE) memecoin has been hit by a front-end attack, redirecting visitors to a malicious website designed to drain wallets. Cybersecurity firm Blockaid confirmed the security breach on Thursday, warning users to stay away from the site immediately.

According to Blockaid’s Threat Intelligence Team, attackers inserted Inferno Drainer malware into the site’s front-end code. This type of exploit works by secretly redirecting users to a fake interface, where malicious scripts attempt to drain crypto assets once a wallet is connected. Inferno Drainer is known for powering large-scale phishing campaigns, complete with fake website templates and wallet-draining scripts.

The breach did not trigger an immediate price reaction from PEPE, which is up around 4% over the past 24 hours but still down more than 77% over the past year. Cointelegraph reached out to the Pepe team for comment, but no response was received at the time of publication.

The incident underscores the growing cybersecurity risks facing crypto users, especially as attackers continue to deploy highly automated drainers. Inferno Drainer activity has notably increased throughout 2024, despite previous claims that the group behind it had shut down. Blockaid reported that the number of malicious Inferno Drainer decentralized apps jumped from 800 per week at the start of the year to 2,400 per week by mid-2024.

The malware has been connected to several high-profile attacks, including the hack of the BNB Chain’s official X account in October. In that case, users were sent malicious links prompting them to connect their wallets, leading to stolen funds. Binance co-founder Changpeng “CZ” Zhao publicly warned users to avoid interacting with any suspicious posts during the incident.

With attackers continuing to target major crypto communities and platforms, security experts urge users to verify website authenticity, avoid connecting wallets to unfamiliar pages and monitor official project channels for updates. Pepe users are advised to completely avoid the website until developers confirm that it is safe again.

Final Thought

The attack on the Pepe website shows how quickly malware can spread through trusted platforms. As drainer tools grow more aggressive, staying vigilant and double-checking URLs is becoming essential for every crypto user.