Angel Drainer Strikes Again: $400,000 Stolen from 128 Crypto Wallets with New Attack Vector

The Angel Drainer phishing group reportedly pilfered over $400,000 from 128 crypto wallets using a new tactic. A recent analysis suggests that the notorious entity exploited Etherscan’s verification tool to mask the malicious nature of a smart contract.

Blockaid, a popular blockchain security company, disclosed on X (formerly Twitter) that the attack kicked off at 6:40 am on February 12, 2024.

Angel Drainer Targets Safe Vault Contract

Angel Drainer deployed a malicious Safe vault contract, leading users to inadvertently authorize a ‘Permit2’ transaction on the compromised contract, resulting in the theft of $403,000.

Specifically targeting a Safe vault contract, Angel Drainer aimed to lull users into a false sense of security, a typical ploy in crypto phishing schemes, as Etherscan automatically validates Safe contracts.

Blockaid highlighted that the assault was not a direct strike on Safe, affirming minimal impact on its user base. The security firm promptly notified Safe of the attack and was actively engaged in mitigating any potential further damage.

“This is not an attack on Safe, and Safe users are not broadly impacted – rather they decided to use this Safe vault contract because Etherscan automatically adds a verification flag to Safe contracts, which can provide a false sense of security as it’s unrelated to validating whether or not the contract is malicious.”

Wallet Drainers on the Prowl

Wallet drainers, in general, execute their schemes by installing malicious software on fraudulent websites to trick users into approving detrimental transactions, resulting in the unauthorized withdrawal of assets from their cryptocurrency wallets.

Scam Sniffer, a prominent Web3 anti-scam platform, noted instances of wallet drainers pilfering over $295 million in assets from around 324,000 individuals in the past year.

Despite the shutdown of similar groups like Inferno Drainer, Angel Drainer’s existence exposes a troubling trend that has been successfully stolen. Data suggest that this group has stolen over $25 million from almost 35,000 wallets in just a year since its inception.