"Cyber Threats in the Cryptosphere: Understanding the Angel Drainer Attacks and Its Implications on Digital Finance Security"

Published on: 14/02/2024

Brayden Lindrea

February 14, 2024

In the world of cryptocurrency and blockchain technology, where innovation collides with the uncharted territory of digital finance, staying abreast of security challenges is essential. Recently, the cryptosphere was thrown into a frenzy by a notorious phishing group named Angel Drainer. The group deployed a Safe vault contract that gave victims a false sense of assurance, resulting in a haul of over $400,000 from 128 crypto wallets. But what does this recent misconduct mean for the future of the industry and its investors?

On February 12, at 6:40 am, the phishing group sprang into action. Blockchain security firm Blockaid documented the attack, noting that Angel Drainer had deployed a malicious Safe vault contract. Unsuspecting users, guided by their trust in Etherscan’s verification tool, signed a “Permit2” transaction on the Safe vault contract, which was said to be the step that cost them approximately $403,000.

The main gimmick used by the group was Etherscan’s verification flag, a symbol that normally denotes a legitimate contract. However, in this case, it was nothing more than a wolf in sheep’s clothing designed to mask the malicious intent of the contract. Blockaid’s report emphasized that Safe as a platform wasn’t directly impacted by the attack; rather, a section of its users was targeted.
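
An added example (not from the article or from Blockaid): a wallet-side check that reviews a Permit2 signing request before the user approves it and gives an explorer's verification badge no weight as a trust signal. It assumes the request arrives as EIP-712 typed data in Uniswap Permit2's PermitSingle/PermitBatch layout; the function names, the one-day policy limit and the sample addresses are hypothetical.

```javascript
// Added example: pre-signing review of an EIP-712 Permit2 allowance request.
const PERMIT2 = "0x000000000022d473030f116ddee9f6b43ac78ba3"; // canonical Uniswap Permit2 address
const MAX_UINT160 = (1n << 160n) - 1n; // Permit2 amounts are uint160; the max means "unlimited"
const MAX_LIFETIME_S = 24n * 3600n;    // hypothetical policy: allowances live at most one day

// PermitSingle carries one details object, PermitBatch an array of them.
function permitDetails(message) {
  const d = message.details;
  return Array.isArray(d) ? d : d ? [d] : [];
}

// Returns a list of findings; an empty list means the request passed this policy.
function reviewPermit2(typedData, { trustedSpenders, explorerVerified, now }) {
  const findings = [];
  const { domain = {}, primaryType, message = {} } = typedData;
  if (!/^Permit(Single|Batch)$/.test(primaryType || "")) return findings; // not an allowance permit
  if ((domain.verifyingContract || "").toLowerCase() !== PERMIT2)
    findings.push("verifyingContract is not the canonical Permit2 contract");
  const spender = (message.spender || "").toLowerCase();
  const trusted = trustedSpenders.has(spender);
  if (!trusted) findings.push(`spender ${spender} is not on the allowlist`);
  if (!trusted && explorerVerified)
    findings.push("explorer 'verified' only means the source matches the bytecode, not that the contract is safe");
  for (const d of permitDetails(message)) {
    if (BigInt(d.amount) === MAX_UINT160)
      findings.push(`unlimited allowance requested for token ${d.token}`);
    if (BigInt(d.expiration) - BigInt(now) > MAX_LIFETIME_S)
      findings.push(`allowance for token ${d.token} outlives the policy lifetime`);
  }
  return findings;
}

// Constructed sample request: addresses are made-up placeholders, not from any incident.
const sampleRequest = {
  primaryType: "PermitSingle",
  domain: { name: "Permit2", chainId: 1, verifyingContract: "0x000000000022D473030F116dDEE9F6B43aC78BA3" },
  message: {
    details: { token: "0x" + "11".repeat(20), amount: MAX_UINT160.toString(), expiration: "1893456000", nonce: "0" },
    spender: "0x" + "ab".repeat(20),
    sigDeadline: "1707721200",
  },
};
const sampleContext = { trustedSpenders: new Set(["0x" + "cd".repeat(20)]), explorerVerified: true, now: 1707720000 };
console.log(reviewPermit2(sampleRequest, sampleContext));
```

The check covers allowance permits only; a production wallet would apply the same spender and amount policy to Permit2's signature-transfer types as well.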

This assault by Angel Drainer, a group with only 12 months in operation, is just one example in a series of similar attacks. In its short tenure, the group has managed to drain over $25 million from almost 35,000 wallets. It is also the entity behind notable hacks like last year’s Ledger Connect Kit and last week’s Restake Farming attack.

The long-term implications of these attacks are multifaceted. Investor confidence is likely to have been dented by the clever use of verified and trusted systems to carry out scams. We might see a surge in the demand for more effective security systems and a shift in the market towards currencies and platforms deemed more secure.

We should be prepared for more sophisticated attacks too. One of the most significant market movements in the aftermath of these attacks is a shift towards more secure platforms and contracts. The EigenLayer restake farming attack, where a new approval method was implemented, marks a notable evolution in the complexity of these phishing operations.

According to the Web3 scam tracker Scam Sniffer, nearly 40,000 users on various platforms lost a combined sum of $55 million in January alone. The figure stands to surpass the $295 million lost in 2023.

While these incidents deal a palpable blow to investor trust, they also foster a new urgency for better security measures within the Web3 community. The crypto market, and in particular DeFi services, is quickly becoming a billion-dollar secret that watchdogs can’t afford to ignore.

Indeed, adversity often fuels innovation. The more devious these phishing attacks become, the more incentive there is for innovators to devise more reliable security systems. For now, vigilance is an investor’s best weapon against these ever-evolving cyber threats in the wild west of crypto investing. Visibility, education and continued vigilance are key to shielding oneself in this digital landscape.