A phishing group called Angel Drainer has reportedly swiped $400k from 128 crypto wallets.

Angel Drainer utilized a crypto phishing attack to exploit Etherscan's verification tool, concealing its malicious smart contract.

💰 Angel Drainer Strikes Again: Stealing $400,000 from Crypto Wallets 💰

By Brian Yue

Image by Brian Yue, Midjourney

Phishing group Angel Drainer has once again flexed its nefarious skills, making off with a staggering $400,000 from 128 unsuspecting crypto wallets. In a daring move, the group deployed a malicious vault contract and cleverly exploited Etherscan’s verification tool to conceal its true intentions. Let’s dive deeper into this audacious attack and explore the larger implications for crypto security.

🎣 Angel Drainer’s Latest Phishing Expedition 🎣

The heist took place on February 12 at 6:40 am, when Angel Drainer unleashed a malicious Safe vault contract. Unbeknownst to users, they unknowingly authorized a ‘Permit2’ transaction, resulting in the theft of $403,000. The choice of a Safe vault contract was deliberate, as Etherscan adds a verification flag to these contracts, instilling a false sense of security among users—a classic tactic employed by crypto phishers.

• Uniswap Founder Exposes New Crypto Scam: Impersonating ETH Wallets 😱🔒
• XRP Price Consolidates Below Resistance, but a Fresh Rally May Be on the Horizon 📈💰
• Bitcoin ($BTC) Soars: Unveiling the Dynamics and Future Predictions 🚀

It’s important to note that the attack was not a direct assault on Safe itself. The security firm Blockaid, which provided the details of the attack, clarified that the Safe user base had not suffered widespread consequences. Blockaid promptly informed Safe about the breach and is actively working to minimize any potential additional damage.

📜 Angel Drainer’s Impressive Track Record 📜

Angel Drainer has earned quite a reputation in the dark corners of the crypto world. In just a year of operation, the group has managed to siphon off more than $25 million from nearly 35,000 wallets—a staggering feat by any measure. This is not their first rodeo: the group has been behind other major breaches, including the notorious 2023 Ledger Connect Kit hack and the recent EigenLayer restake farming attack.

The restake farming attack was particularly cunning. Angel Drainer exploited a malicious queueWithdrawal function, which, when signed by users, withdrew their staking rewards to an address chosen by the attackers. The details of their techniques are often confounding, highlighting the need for heightened awareness and enhanced security measures in the crypto landscape.

🧐 Q&A for the Cryptocurrency Community 🧐

Q: How can I protect my crypto wallets from phishing attacks like the one perpetrated by Angel Drainer?

A: While no security measure is foolproof, there are steps you can take to minimize the risk. Always double-check the contract before authorizing any transactions, even with seemingly legitimate verification flags. Be wary of any requests for personal information or access to your wallet. And most importantly, stay informed about the latest security threats and best practices.

Q: Will the stolen funds be recovered?

A: Unfortunately, the chances of recovering stolen funds in such cases are typically slim. The decentralized nature of cryptocurrencies makes it challenging to trace and retrieve stolen assets. However, collaboration between security firms, blockchain projects, and law enforcement agencies can help prevent future attacks and bring criminals to justice.

Q: What is being done to improve crypto security in light of these attacks?

A: The crypto community is constantly evolving to stay one step ahead of cybercriminals. Blockchain security firms are developing advanced monitoring systems and conducting audits to detect and prevent vulnerabilities. Projects are also incorporating decentralized governance models to maintain transparency and ensure the security of users’ funds.

🔮 The Future of Crypto Security 🔮

While the Angel Drainer attacks are alarming, they serve as a stark reminder of the ongoing battle for security in the crypto world. As the industry matures, we can expect increased investment in robust security measures and the implementation of innovative technologies like multi-factor authentication and biometrics. To mitigate risks, users must remain vigilant and adopt best practices to safeguard their digital assets.

In the end, it’s a collective responsibility to protect the integrity and trustworthiness of cryptocurrencies. By staying informed, remaining cautious, and supporting projects that prioritize security, we can build a safer crypto ecosystem.

References

1. Angel Drainer’s Latest Attack – Blockaid on Twitter
2. 2023 Ledger Connect Kit Hack – (Article on Ledger Connect Kit hack)
3. EigenLayer Restake Farming Attack – (Article on EigenLayer attack)
4. Follow Us on Google News – Blockaid on Google News

Brian Yue is a blockchain enthusiast and technology writer who keeps a keen eye on the latest trends and happenings in the crypto landscape. Follow Brian on Twitter.

---

Did you find this article helpful? Share it with your friends and colleagues in the crypto community!

We will continue to update Blocking; if you have any questions or suggestions, please contact us!