Pepe (PEPE) Website Hit by Front-End Inferno Drainer Exploit
On Dec. 4, 2025, Blockaid reported that the official Pepe memecoin website was compromised by a front-end injection. Attackers had injected malicious scripts linked to the Inferno Drainer toolkit into the site's code, prompting an early alert to the community and the project team. Because the vulnerability sits in the front end, visitors who connect wallets or sign transactions may expose token approvals and private assets to theft.
The incident highlights ongoing risks for web-based crypto projects and memecoins in particular. Inferno Drainer is known to harvest wallet approvals and drain tokens once users interact with infected pages, so users should avoid the official site until the team confirms a cleanup, review recent wallet activity, and revoke suspicious allowances via services like Etherscan or Revoke.cash. The Pepe team and security researchers are investigating; further updates are expected as fixes and a post-incident audit proceed.