Key Highlights:
Check Point Research Unveils Rise in Sophisticated Crypto Phishing: An investigation reveals an alarming increase in advanced phishing schemes targeting a variety of blockchain networks, employing wallet-draining techniques.
Persistence of Threat Groups: Despite the takedown of groups such as Inferno Drainer, others such as Angel Drainer continue their activities, offering scam-as-a-service for wallet draining.
Critical Importance of User Vigilance and Security Measures: The report emphasizes the need for robust security protocols and user awareness to prevent wallet thefts in the crypto space.
In a detailed report by Check Point Research, the cryptocurrency community is warned about a growing trend in sophisticated phishing attacks.
These attacks are not confined to a single blockchain network; they are prevalent across numerous platforms including Ethereum, Binance Smart Chain, Polygon, and Avalanche.
Despite the shutdown of similar groups, Angel Drainer continues to thrive, providing tools and services for cryptocurrency theft.
The Mechanics of Crypto Drainers: These drainers operate through deceptive tactics like fake airdrop campaigns, directing victims to counterfeit websites that mimic genuine platforms.
Once users connect their wallets, they unknowingly grant access to their funds, leading to theft without further interaction.
The mechanics of crypto drainers, as detailed in the Check Point Research report, involve a sophisticated and multi-layered approach to illicitly transfer cryptocurrency from victims' wallets.
The fake airdrop campaigns are usually promoted on social media or via email, offering free tokens or other incentives to lure users.
The counterfeit websites are carefully crafted to mimic genuine token distribution platforms or wallet interfaces, making it difficult for users to distinguish them from the real ones.
Wallet Connection Requests: Once on these deceptive sites, users are prompted to connect their digital wallets.
The connection request appears harmless, often under the guise of verifying the user's identity or account to proceed with the token claim.
The smart contract contains hidden functions that, when executed, alter the security settings of the user's wallet or directly initiate unauthorized transactions.
Exploiting the 'Permit' Function in ERC-20 Tokens: A specific method used by these drainers is the manipulation of the 'Permit' function in ERC-20 tokens.
The attackers trick users into signing a message off-chain with their private key, setting up the allowance for the attacker's address.
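A wallet-side check for the Permit signing request described above, as an added example that is not from the Check Point report: it parses the EIP-712 typed data a site asks the user to sign and flags an unknown spender, an effectively unlimited allowance, or a long-lived deadline. The function names, thresholds, allowlist and all addresses are assumptions constructed for illustration.

```javascript
// Added example (not from the report): review an EIP-2612 Permit signing request.
// Thresholds, the allowlist and every address below are constructed assumptions.
const MAX_UINT256 = (1n << 256n) - 1n;
const ONE_HOUR = 3600n;

// typedDataJson: EIP-712 payload as a site would pass it to eth_signTypedData_v4.
// trustedSpenders: lowercase contract addresses the user already relies on.
function reviewSignRequest(typedDataJson, trustedSpenders, nowSeconds) {
  const td = JSON.parse(typedDataJson);
  const msg = td.message || {};
  const isPermit = td.primaryType === 'Permit' &&
    ['owner', 'spender', 'value', 'deadline'].every((k) => k in msg);
  if (!isPermit) return { isPermit: false, findings: [] };

  const findings = [];
  const spender = String(msg.spender).toLowerCase();
  // A signature here lets `spender` move the owner's tokens with no on-chain approve.
  if (!trustedSpenders.includes(spender)) findings.push('unknown-spender');
  // Allowances in the top half of the uint256 range are effectively unlimited.
  if (BigInt(msg.value) >= MAX_UINT256 / 2n) findings.push('unlimited-allowance');
  // A far-off deadline keeps the signed permit usable long after the visit.
  if (BigInt(msg.deadline) > BigInt(nowSeconds) + ONE_HOUR) findings.push('long-lived-deadline');

  const token = (td.domain || {}).verifyingContract;
  return { isPermit: true, token, spender, findings };
}

// Constructed sample inputs.
const SAMPLE_NOW = 1700000000;
const TRUSTED_SPENDER = '0x' + 'bb'.repeat(20);
function buildPermit(spender, value, deadline) {
  return JSON.stringify({
    primaryType: 'Permit',
    domain: { name: 'ExampleToken', version: '1', chainId: 1,
              verifyingContract: '0x' + 'aa'.repeat(20) },
    message: { owner: '0x' + '11'.repeat(20), spender, value, nonce: 0, deadline },
  });
}
const riskyPermit = buildPermit('0x' + 'Ee'.repeat(20), MAX_UINT256.toString(),
                                SAMPLE_NOW + 10 * 365 * 24 * 3600);
const routinePermit = buildPermit(TRUSTED_SPENDER, '1000000', SAMPLE_NOW + 600);

console.log(reviewSignRequest(riskyPermit, [TRUSTED_SPENDER], SAMPLE_NOW));
console.log(reviewSignRequest(routinePermit, [TRUSTED_SPENDER], SAMPLE_NOW));
```

The first sample returns all three findings and the second returns none; a request whose `primaryType` is not `Permit` is passed through with `isPermit: false`.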
Stealthy Asset Transfer and Obfuscation: After gaining access, the attackers then transfer assets out of the user's wallet.
The report highlights the importance of being cautious with wallet connections, verifying smart contract details, and being skeptical of too-good-to-be-true offers, especially those requiring wallet interactions or approvals.
It advises skepticism towards unsolicited airdrop claims, understanding the implications of approving transactions, verifying smart contracts, and employing hardware wallets for enhanced security.
Conclusion: The threat of phishing attacks in the cryptocurrency domain is significant and ever-evolving.
This Cyber News was published on blog.checkpoint.com. Publication date: Fri, 22 Dec 2023 14:13:05 +0000