Angel Drainer Strikes Again: $400,000 Stolen from 128 Crypto Wallets with New Attack Vector
In just one year of operation, Angel Drainer has drained over $25 million from nearly 35,000 wallets.
The Angel Drainer phishing group reportedly pilfered over $400,000 from 128 crypto wallets using a new tactic. A recent analysis suggests that the notorious entity exploited Etherscan’s verification tool to mask the malicious nature of a smart contract.
Blockaid, a popular blockchain security company, disclosed on X (formerly Twitter) that the attack kicked off at 6:40 am on February 12, 2024.
Angel Drainer Targets Safe Vault Contract
Angel Drainer deployed a malicious Safe vault contract, leading users to inadvertently authorize a ‘Permit2’ transaction on the compromised contract, resulting in the theft of $403,000.
Specifically targeting a Safe vault contract, Angel Drainer aimed to lull users into a false sense of security, a typical ploy in crypto phishing schemes, as Etherscan automatically validates Safe contracts.
Blockaid highlighted that the assault was not a direct strike on Safe, affirming minimal impact on its user base. The security firm promptly notified Safe of the attack and was actively engaged in mitigating any potential further damage.
“This is not an attack on Safe, and Safe users are not broadly impacted – rather they decided to use this Safe vault contract because Etherscan automatically adds a verification flag to Safe contracts, which can provide a false sense of security as it’s unrelated to validating whether or not the contract is malicious.”
Wallet Drainers on the Prowl
Wallet drainers, in general, execute their schemes by installing malicious software on fraudulent websites to trick users into approving detrimental transactions, resulting in the unauthorized withdrawal of assets from their cryptocurrency wallets.
Scam Sniffer, a prominent Web3 anti-scam platform, noted instances of wallet drainers pilfering over $295 million in assets from around 324,000 individuals in the past year.
Despite the shutdown of similar groups like Inferno Drainer, Angel Drainer’s existence exposes a troubling trend that has been successfully stolen. Data suggest that this group has stolen over $25 million from almost 35,000 wallets in just a year since its inception.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Trump-backed World Liberty Financial taps Chainlink to drive mass DeFi adoption
ZKsync approves proposal to distribute 325 million ZK tokens to boost liquidity across chains
Shiba Inu Community Pushes Token Toward $0,001
Can You Turn $500 Into $500 With These Cryptocurrencies?