The notorious phishing group Angel Drainer has reportedly managed to steal more than $400,000 from 128 cryptocurrency wallets using a new method. This approach involves exploiting Etherscan’s verification tool to conceal the malicious intent of a smart contract.
The attack commenced on February 12 at 6:40 am when Angel Drainer deployed a harmful Safe vault contract. According to a post by blockchain security firm Blockaid on February 13, a total of 128 wallets authorized a “Permit2” transaction on the compromised Safe Vault contract, resulting in the theft of $403,000 in funds.
Blockaid pointed out that scammers utilized a Safe Vault contract specifically to create a deceptive impression of safety. They emphasized that the incident wasn’t a direct assault on Safe, and the majority of its user base hadn’t been significantly affected.
Blockaid informed Safe about the attack and was actively engaged in minimizing any further harm. They clarified that the choice of the Safe Vault contract was due to the Etherscan verification tool. Using this tool, the group tricked people into thinking the Safe Vault contract was genuine while hiding its harmful intentions.Â
Etherscan’s automatic verification of real contracts unknowingly helped the phishing scheme, making the attack more effective.
