What are Crypto Draining Attacks? Signs & Mitigation

Crypto Drainer Attacks - How Do They Work?
Cryptocurrency owners are on edge: a major fraud scheme is emptying users' wallets.

Among the wide variety of scams that involve cryptocurrencies, crypto draining attacks stand out for their volume and the size of the losses. As the name suggests, such an attack drains the entire contents of the targeted cryptocurrency wallet. Let's take a more detailed look at how this fraud works and how you can avoid falling into the trap.

How Do Crypto Drainers Work?

Crypto drainers operate through deceptive tactics. First, victims are lured to counterfeit websites through fake airdrop campaigns mimicking legitimate platforms. These phishing schemes start innocuously, with social media or email promotions offering free tokens.

This is a classic scam scheme: behind the enticing offers lie well-crafted, fraudulent websites that are indistinguishable from the real deal. Next, the site asks the user to bind their wallet. When a user connects their wallet, this grants thieves unfettered access to their funds.

In the final step, users are encouraged to link their digital wallets, often under the pretense of identity verification or a token claim. The risk is that users may unknowingly interact with malicious smart contracts camouflaged as part of the token claim process. Such contracts may contain hidden functions that compromise the wallet's security or initiate unauthorized transactions.

Angel Drainer Group Leads Crypto Draining

Angel Drainer Group is a hacking group based in Eastern Europe. It first came to the attention of law enforcement in 2017. Then, the gang was linked to stealing $50 million worth of Bitcoin from a South Korean cryptocurrency exchange. Since then, the group has been responsible for other thefts, including the theft of $100 million worth of Ethereum from a Japanese exchange in 2018 and the theft of $200 million worth of Bitcoin from a US exchange in 2019.

Angel Drainer Group typically targets cryptocurrency exchanges, using social engineering, phishing, and malware to get access to exchange systems. Once they have access, the group will steal as much cryptocurrency as possible before moving it to other wallets. In addition to the thefts that Angel Drainer Group has been linked to, the group is also suspected of being involved in other illegal activities, including money laundering and cybercrime.

The ‘Permit’ Function

This method combines social engineering with abuse of the 'Permit' function in ERC-20 tokens. Users are tricked into signing off-chain messages with their private key, unknowingly setting up an allowance for the attacker's address. The technique is particularly insidious because of its subtlety: it does not require an on-chain transaction for each approval.

Once access is gained, assets are stealthily transferred out of the victim's wallet. Attackers use cryptocurrency mixers and multiple transfers to conceal the trail of the stolen assets, which significantly complicates recovery. Understanding these mechanics is vital for users and platforms in the crypto space that want to develop effective security measures.
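A wallet-side check for the 'Permit' trick described above, as an added example that is not part of the original article: it inspects a typed-data signing request and lists what signing it would authorize. It assumes the EIP-2612 Permit message layout; the function name, the trusted-spender list, the one-hour deadline threshold and all sample names and addresses are constructed for illustration.

```javascript
// Added example: review an eth_signTypedData_v4 payload before signing.
// Assumes the EIP-2612 Permit struct; all names and addresses are constructed.
const MAX_UINT256 = (1n << 256n) - 1n;
const lower = (a) => String(a || "").toLowerCase();
const toBig = (v) => { try { return BigInt(v); } catch { return null; } };

function reviewSignRequest(json, { account, trustedSpenders = [], now }) {
  const req = typeof json === "string" ? JSON.parse(json) : json;
  const warnings = [];
  // Only Permit messages create a token allowance; other typed data passes through.
  if (req.primaryType !== "Permit") return { isPermit: false, warnings };

  const m = req.message || {};
  const token = lower((req.domain || {}).verifyingContract);
  const value = toBig(m.value);
  const deadline = toBig(m.deadline);

  warnings.push(`signing grants ${lower(m.spender)} an allowance on token ${token}`);
  if (lower(m.owner) !== lower(account)) warnings.push("owner is not the connected account");
  if (!trustedSpenders.map(lower).includes(lower(m.spender))) warnings.push("spender is not on the trusted list");
  if (value === null || deadline === null) warnings.push("value or deadline is missing or malformed");
  if (value !== null && value >= MAX_UINT256 / 2n) warnings.push("allowance is effectively unlimited");
  if (deadline !== null && deadline > BigInt(now) + 3600n) warnings.push("deadline is more than one hour away");
  return { isPermit: true, warnings };
}

// Constructed sample: the kind of "claim your tokens" signing request described above.
const SAMPLE_PERMIT = {
  primaryType: "Permit",
  domain: { name: "ExampleToken", version: "1", chainId: 1, verifyingContract: "0x" + "aa".repeat(20) },
  message: {
    owner: "0x" + "11".repeat(20),
    spender: "0x" + "bb".repeat(20),
    value: MAX_UINT256.toString(),
    nonce: "0",
    deadline: MAX_UINT256.toString(),
  },
};
// Constructed sample: a plain sign-in message for comparison.
const SAMPLE_LOGIN = { primaryType: "Login", domain: { name: "ExampleSite" }, message: { statement: "Sign in" } };

const opts = { account: "0x" + "11".repeat(20), now: 1700000000 };
console.log(reviewSignRequest(SAMPLE_PERMIT, opts).warnings.join("\n"));
console.log(reviewSignRequest(SAMPLE_LOGIN, opts));
```

A request that trips the "effectively unlimited" and distant-deadline warnings for a spender you do not recognize matches the off-chain allowance pattern this section describes.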

Safeguarding Assets

It is crucial to be cautious and to use technological safeguards when dealing with cryptocurrency. First, be skeptical of unsolicited airdrop claims. Verify every smart contract you interact with, and prefer hardware wallets when possible. Since cryptocurrency is a favorite target of internet scammers, you must be as careful as possible.

By Stephanie Adlam

I write about how to make your Internet browsing comfortable and safe. The modern digital world is worth being a part of, and I want to show you how to do it properly.
