Phishing Group Angel Drainer Steals $400,000 from 128 Crypto Wallets
A phishing group called Angel Drainer has successfully stolen over $400,000 from 128 cryptocurrency wallets. The group deployed a malicious vault contract to carry out the attack, exploiting Etherscan’s verification tool to hide the contract’s malicious characteristics.
The Attack and Method Used
The attack took place on February 12 when Angel Drainer deployed a malicious Safe vault contract. Users unknowingly authorized a ‘Permit2’ transaction on the compromised contract, resulting in the theft of $403,000. By using a Safe vault contract, the group aimed to create a false sense of security among users.
Not an Attack on Safe
Blockaid, the blockchain security firm that reported the incident, clarified that this was not a direct attack on Safe. They informed Safe about the attack and are working to mitigate any potential damage.
Angel Drainer’s Track Record
In just one year, Angel Drainer has managed to steal over $25 million from nearly 35,000 wallets. They have been involved in major breaches such as the Ledger Connect Kit hack and the EigenLayer restake farming attack.
Conclusion
The phishing group Angel Drainer continues to exploit vulnerabilities in the crypto space, with their latest attack resulting in the theft of $400,000 from 128 wallets. It is crucial for crypto users to remain vigilant and take necessary precautions to protect their digital assets.
By
By
By
By