The Angel Drainer phishing group employed a new attack vector that involves using Etherscan to conceal the malicious nature of a smart contract.

Malicious Smart Contracts Disguised with Etherscan

Analysts at Blockaid identified a new method that fraudsters from the Angel Drainer group use to distribute malicious smart contracts. The attackers deployed the malicious code using the decentralized vault contract Safe.

The concept behind this tactic is that the Etherscan service automatically adds a verification flag to Safe contracts, giving users a false sense of security. By using the malicious smart contract, Angel Drainer stole $403,000 worth of assets from 128 cryptocurrency wallets.

The Blockaid team notes that the incident isn’t a direct attack on Safe, and the app’s users were scarcely affected. The project team was notified of the situation and is working to minimize further damage.

According to Blockaid, hackers from Angel Drainer became active approximately a year ago. During this period, attackers breached almost 35,000 wallets and absconded with assets valued at over $25 million. The group’s most infamous attack was the Ledger Connect Kit hack.

It’s noteworthy that a large-scale exploit of the PlayDapp gaming blockchain platform is also under scrutiny. The attack commenced on February 9, but the vulnerability remains unresolved, and the potential amount of damage is estimated at $290 million. The PlayDapp team halted the protocol and is investigating the incident. Negotiations with the hacker didn’t yield any results.

Attention! The media has frequently reported that cybercriminals are refining their attack methods. A new type of malware was recently detected on the Solana network that enables the alteration of the contents of transactions already signed by users. Additionally, due to advancements in crypto ransomware, attackers extorted $1 billion worth of assets as ransom in 2023.

Author: Evgeny Tarasov