Users Beware: Crypto Drainers Target Newer Blockchains Like TON and TRON
The landscape of cryptocurrency security is ever-evolving, with cybercriminals constantly devising new strategies to siphon funds from unsuspecting users. Despite the crypto community’s best efforts to secure digital assets, vulnerabilities remain, particularly within less mature blockchain networks. A recent report from Blockchain security firm Blockaid highlights a concerning trend: the rise of advanced phishing tools targeting these newer ecosystems.
AngelX: A New Threat on the Horizon
According to a disclosure by Blockaid, the emergence of AngelX, an advanced version of the infamous Angel Drainer phishing toolkit, marks a significant escalation in the sophistication of attacks targeting cryptocurrencies. Originating from its predecessor, which notoriously extracted over $400,000 from 128 wallets, AngelX amplifies the threat by supporting additional blockchains such as TON and TRON and introducing enhanced functionalities designed to facilitate scam operations.
Oz Tamir of Blockaid sheds light on the toolkit’s capabilities, “AngelX is outfitted with a plethora of features poised to streamline the execution of scams. This includes the support for new blockchains, user interface improvements for ease of scam setup, and novel attack methodologies such as seed phrase theft.” Furthermore, Tamir underscores the toolkit’s cloaking abilities aimed at evading detection from security solutions.
The pivot towards newer blockchain networks like TON and TRON, according to Tamir, stems from the increasing security measures implemented by the Web3 security community, driving malicious actors to explore less secure, emerging networks as their new playgrounds for fraud.
The Rise of Crypto Drainers
Chainalysis’ Senior Intelligence Analyst, Brian Carter, corroborates the expanding threat landscape, noting that scammers are exploiting the nascent security infrastructure of new blockchains. “The relative lack of transaction monitoring on these emerging networks opens up vulnerabilities that drainers are quick to exploit,” says Carter.
A crypto drainer operates by deceiving users into connecting their wallets to a malicious entity, masquerading as legitimate Web3 projects. This deceit allows attackers to hijack wallets, enabling unauthorized transactions and fund theft. Although quantifying the total losses to drainers remains challenging, Chainalysis reports a staggering increase in the quarterly growth rate of assets stolen by these mechanisms, surpassing even that of ransomware attacks between Q1 2023 and Q1 2024.
Guarding Against the Threat
In the face of these emerging threats, the crypto community is not powerless. Carter emphasizes the importance of proactive security measures such as the use of Web3 security extensions for phishing site detection and wallet security assessment. Additionally, Blockaid’s dedicated threat intelligence team plays a crucial role in preemptively identifying malicious DApps, transactions, and contracts before they reach potential victims.
Despite these efforts, the arms race between security professionals and cybercriminals continues. According to Tamir, the number of malicious decentralized applications (DApps) has surged, with a notable increase observed alongside the recent crypto bull market, underscoring the persistent allure of cryptocurrencies to bad actors.
Moreover, Carter and Tamir advise users to adopt several best practices for protecting their assets. Keeping valuable cryptocurrencies in offline (cold) wallets, utilizing temporary wallets for interacting with unknown Web3 sites, and exercising caution with links shared on social platforms are recommended strategies to mitigate risks.
Conclusion
As the blockchain and cryptocurrency sectors continue to grow, so too does the sophistication of threats aimed at exploiting them. The emergence of tools like AngelX and the focus on newer, less secure blockchains underscore the importance of continuous vigilance and security innovation. While the battle against cybercrime in the crypto space is far from over, informed users and advanced protective measures remain the cornerstone of defense against these evolving threats.
