The notorious phishing group deployed a nefarious Safe vault contract that used Etherscan to provide victims with a “false sense of security.”
Notorious phishing group Angel Drainer has reportedly stolen over $400,000 from 128 crypto wallets through a new attack vector that has leveraged Etherscan’s verification tool to cover up the malicious nature of a smart contract.
The attack started at 6:40 am Feb. 12 when Angel Drainer deployed a malicious Safe (formerly Gnosis Safe) vault contract, wrote blockchain security firm Blockaid in a Feb. 13 post to X.
At total of 128 wallets then signed a “Permit2” transaction on the Safe vault contract, leading to $403,000 in funds being stolen.
