The crypto ecosystem has always been vulnerable to malicious actors looking to steal user funds.
According to a recent Crystal Intelligence report, nearly $19 billion worth of digital assets have been stolen in the last 13 years since June 19, 2024. The report also highlighted that the cryptocurrency industry faced 785 reported hacks and exploits during the same timeframe.
crypto-drainers-target-new-blockchain-networks">crypto Drainers Target New Blockchain Networks
Recent findings indicate that bad actors continue to focus their efforts on crypto ecosystems, specifically targeting less mature blockchain networks. Blockchain security firm Blockaid reported on August 31 that an upgraded version of the notorious crypto phishing toolkit Angel Drainer, known as "AngelX," was released.
The original Angel Drainer, which stole over $400,000 from 128 crypto wallets earlier this year, was also involved in the Ledger Connect Kit Attack. This attack injected malicious code into a Ledger package to target Ledger wallet users.
crypto-drainers-are-targeting-newer-blockchains-">Why crypto Drainers Are Targeting Newer Blockchains
Blockaid's researcher, Oz Tamir, explained that AngelX is one of the most malicious wallet drainers in operation today due to its advanced features. AngelX supports newer blockchains like ton and TRON, offering attackers a range of capabilities to carry out scams effectively.
Tamir stated, "We believe that the security enhancements made by Blockaid and the web3 security community have pushed malicious actors to explore new opportunities in less secure blockchain networks. These networks are viewed as lucrative targets due to their lower security measures."
He further illustrated how the growth of networks like ton has attracted malicious actors seeking to exploit the expanding user base. Tamir emphasized that the network growth directly correlates with increased fraudulent activity targeting unsuspecting users.
crypto-drainers-work">How crypto Drainers Work
Brian Carter, a Senior Intelligence Analyst at Chainalysis, highlighted that scammers are increasingly targeting new blockchain networks for crypto drainers, as these wallets often lack robust security measures. crypto drainers operate by enticing victims to connect their wallets directly to the drainer, enabling threat actors to gain control over the wallet funds.
Chainalysis' report revealed that the value stolen by crypto drainers surpassed the value stolen by ransomware in the previous year. Cybercriminals typically launder stolen digital assets through various crypto services after draining victims' wallets.
Malicious DApps Double This Year
crypto drainers like AngelX have been promoting fake web3 sites on popular platforms, luring unsuspecting users to connect their wallets. This system has already deployed 300 malicious DApps designed to siphon digital assets from users.
Tamir noted that the prevalence of malicious DApps has nearly doubled in 2024, driven by the rapid growth of the crypto ecosystem amid the recent bull market. As more users and funds enter the space, attackers are increasingly motivated to launch sophisticated attacks.
crypto-drainer-attacks-will-continue-but-users-can-protect-themselves">crypto Drainer Attacks Will Continue, But Users Can Protect Themselves
Tamir and Carter foresee an ongoing threat from harmful phishing attacks targeting the crypto ecosystem. Users can safeguard themselves by employing web3 security extensions to identify phishing sites and assess wallet security, as recommended by Carter.
Tamir highlighted that Blockaid's threat intel team actively detects and mitigates these attacks, leveraging a team of cybersecurity experts dedicated to tracking drainer developers and identifying malicious patterns in DApps.
Carter advised users to store valuable assets in offline wallets, transfer funds only when necessary, and exercise caution when interacting with unfamiliar web3 sites. By adopting these measures, users can mitigate the risks posed by crypto drainer attacks in the evolving digital landscape.
