In the tumultuous landscape of cryptocurrency, where promises of financial liberation collide with the lurking shadows of cyber threats, one name has etched itself as a recurring nightmare: Angel Drainer. With each strike, this nefarious entity leaves a trail of financial devastation, exploiting vulnerabilities and siphoning funds from unsuspecting victims.
Today our researchers discovered yet another emerging attack vector from the Angel Drainer group — this time phishing users and leading them to a single Safe Vault contract where 128 wallets have been drained of $403k+ so far. All Blockaid-protected users are safe. 🧵 pic.twitter.com/niffQDlciG
The latest chapter in this saga unfolds with a revelation from Blockaid, the vigilant guardian of Web3 security. Another breach orchestrated by Angel Drainer has come to light, exposing a staggering $403,000 in funds by compromising an intelligent contract within Safe Vault. Like a stealthy predator, Angel Drainer leveraged Etherscan’s verification tool to cloak the malicious nature of the contract, ensnaring 128 wallets in its web of deceit.
The modus operandi is chillingly familiar. Deploying a deceptive Safe vault contract, Angel Drainer exploited the automatic verification flag on Etherscan, lulling victims into a false sense of security. Yet, amidst the chaos, Blockaid reassures that this assault is not a direct indictment of Safe itself. Instead, it underscores the pressing need for heightened vigilance and proactive security measures across the crypto landscape.
Today, the Angel Drainer Group celebrated one year in operation.
They've drained over $25M from nearly 35k wallets and are behind high profile drains like last year's Ledger Connect Kit and last week's Restake Farming attack.
But who is behind the evil mask of Angel Drainer? Emerging just twelve months ago, this shadowy group has already inflicted losses exceeding $25 million, targeting nearly 35,000 wallets. The annals of their exploits are marked by high-profile breaches, including the infamous $484,000 Ledger Connect Kit hack and the audacious Eigenlayer re-stake farming attack. The latter, a sinister ploy involving a malicious queue Withdrawal function, exemplifies the depth of their deception, exploiting unsuspecting users to siphon staking rewards.
according to 15% drainer fee, that means they drained at least 3 million recently.
— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) February 13, 2024
Yet, Angel Drainer’s reign of terror extends beyond individual breaches, permeating the very fabric of the crypto community. Phishing attacks, like malignant tendrils, ensnare over 40,000 users in January alone, with platforms such as OpenSea, zkSync, Manta Network, Optimism, and SatoshiVM falling prey to their insidious tactics. The toll is staggering, eclipsing $55 million in combined losses, as unsuspecting victims navigate treacherous digital waters.
In the wake of such relentless assaults, vigilance becomes our greatest weapon. From individual investors to seasoned veterans, the onus falls upon each of us to fortify our defences, question the integrity of every link, and scrutinise every transaction with unwavering diligence. We can only thwart the advances of entities like Angel Drainer and safeguard the promise of a secure and equitable crypto landscape through collective resilience and steadfast vigilance.
