Angel Drainer, a notorious phishing group, reportedly stole over $400,000 from 128 crypto wallets. The attack is expected to use Etherscan’s verification tool to cover up the malicious nature of a smart contract, stated Cointelegraph.
On February 13, 2024, Blockaid, blockchain security firm, tweeted that the attack started at 6:40 am on February 12, 2024 when Angel Drainer deployed a malicious safe (formerly Gnosis Safe) vault contract.
“This is not an attack on Safe […] rather they decided to use this Safe vault contract because Etherscan automatically adds a verification flag to Safe contracts, which can provide a false sense of security as it’s unrelated to validating whether or not the contract is malicious, ” Blockaid explained.
Furthermore, the $484,000 Ledger Connect Kit hack and the EigenLayer restake farming attack can be among the most notable attacks committed by Angel Drainer in recent months, concluded Cointelegraph.
(With insights from Cointelegraph)
