Angel Drainer Phishing Group Steals Over $400,000 from 128 Crypto Wallets

According to CryptoPotato, the Angel Drainer phishing group has reportedly stolen over $400,000 from 128 crypto wallets using a new tactic. The notorious entity is said to have exploited Etherscan's verification tool to mask the malicious nature of a smart contract. Blockchain security company Blockaid disclosed that the attack began at 6:40 am on February 12, 2024. Angel Drainer deployed a malicious Safe vault contract, causing users to inadvertently authorize a 'Permit2' transaction on the compromised contract, resulting in the theft of $403,000. By specifically targeting a Safe vault contract, Angel Drainer aimed to lull users into a false sense of security, a common ploy in crypto phishing schemes, as Etherscan automatically validates Safe contracts. Blockaid emphasized that the attack was not a direct strike on Safe and had minimal impact on its user base. The security firm quickly notified Safe of the attack and actively worked to mitigate any potential further damage. Wallet drainers typically execute their schemes by installing malicious software on fraudulent websites to trick users into approving harmful transactions, leading to the unauthorized withdrawal of assets from their cryptocurrency wallets. Web3 anti-scam platform Scam Sniffer reported instances of wallet drainers stealing over $295 million in assets from around 324,000 individuals in the past year. Despite the shutdown of similar groups like Inferno Drainer, Angel Drainer's existence reveals a troubling trend, with data suggesting the group has stolen over $25 million from nearly 35,000 wallets in just a year since its inception.