The cryptocurrency ecosystem has always been vulnerable to malicious actors seeking to steal user funds, with nearly $19 billion in digital assets stolen over the last 13 years. According to a report by Crystal Intelligence, there were 785 reported hacks and exploits in the cryptocurrency industry during this period. Unfortunately, bad actors are now targeting less mature blockchain networks, as seen with the release of AngelX, an upgraded version of the Angel Drainer toolkit, according to blockchain security firm Blockaid. This malicious wallet drainer has recently targeted newer blockchains like TON and TRON, and it features new attack flows and cloaking features to avoid detection.
AngelX, the upgraded version of Angel Drainer, is known to be one of the most malicious wallet drainers due to its lucrative features. This new version supports newer blockchains like TON and TRON, showing a shift in focus by malicious actors towards less secure networks. Brian Carter, a Senior Intelligence Analyst at Chainalysis, pointed out that scammers are targeting new blockchain networks with crypto drainers because those networks lack sufficient security protections, making it easier to steal users’ funds. These phishing tools masquerade as Web3 projects to entice victims into connecting their wallets directly to the drainer, allowing the threat actor to control the wallet’s funds.
The rise in crypto drainers targeting newer blockchains has been significant, with findings from Chainalysis showing that the quarterly growth rate in value stolen by crypto drainers has exceeded that of ransomware. After stealing digital assets from victims’ wallets, these cybercriminals typically use various crypto services to launder the stolen funds or convert them into cash. Additionally, malicious DApps promoting fake Web3 sites have doubled this year, as seen with AngelX deploying 300 malicious DApps designed to steal digital assets from unsuspecting crypto users. This trend is tied directly to the recent crypto bull market, with more users and money entering the ecosystem.
Despite efforts to combat these harmful phishing attacks, both researchers are certain that crypto drainer attacks will continue to impact the crypto ecosystem. Users can protect themselves against wallet drainers by using Web3 security extensions to identify phishing sites and assess the security of cryptocurrency wallets. Blockaid’s threat intel team tracks and detects these attacks daily, creating heuristics to identify malicious patterns in DApps, transactions, and on-chain contracts, which allows the team to proactively scan the internet for newly deployed threats. Additionally, users should store valuable assets in offline wallets, transfer funds to a hot wallet only when necessary, use a temporary wallet with no assets when connecting to unfamiliar Web3 sites, and be cautious of links shared in chat rooms or on social media to reduce exposure to attacks.