New wallet drainer targets growing blockchain ecosystems: Blockaid

New wallet drainer targets growing blockchain ecosystems: Blockaid

A newly evolved wallet drainer has unleashed a wave of scams targeting emerging blockchain ecosystems like TON and TRON, analysts say.

Blockchain ecosystems like The Open Network and TRON seem to be under siege as the newly evolved AngelX wallet drainer unleashes a surge of scams, marking a significant escalation in cyber threats within the crypto space.

New wallet drainer targets growing blockchain ecosystems: Blockaid - 1
Angel-powered scams | Source: Blockaid

Data provided by blockchain cybersecurity firm Blockaid shows that AngelX, first released on Aug. 31, has swiftly proliferated, with the analysts detecting over 300 malicious decentralized apps in just four days.

“This surge represents a substantial increase in malicious activity, positioning AngelX as one of the most aggressive wallet drainers in recent months.”

Blockaid

The new wallet drainer, which represents a more aggressive and sophisticated iteration of the original version, appears to be targeting less mature blockchain networks as hackers perceive these chains as “less equipped to defend against attacks, due to a lack of robust security tools and support,” Blockaid says.

Blockaid’s research also revealed that more than 90% of AngelX dApps have evaded detection by other major security providers, highlighting the growing challenge for blockchain security vendors, as malicious actors increasingly exploit emerging ecosystems.

Neverending attacks

In mid-July, analysts at Match Systems reported they had successfully de-anonymized individuals behind the Angel drainer, prompting speculation about whether the malware had ceased operations. Angel Drainer, a JavaScript-based malware, is used by cybercriminals to drain cryptocurrency wallets by executing phishing scams that deceive users into granting token approvals, allowing attackers to steal their assets.

In mid-July, analysts at Match Systems said they were able to de-anonymize members behind the Angel drainer, raising questions of whether the malware suspended its operations. In February, Blockaid estimated that Angel Drainer stole over $25 million worth of crypto from nearly 35,000 wallets, suggesting that the malware was probably behind “high profile drains” like Ledger Connect Kit and Restake Farming attack.

Angel Drainer is a JavaScript-based malware utilized by cybercriminals to drain crypto wallets. It operates by executing phishing scams that trick users into granting token approvals, enabling the scammers to siphon off their assets.