Blockaid Warns of Angel Drainer’s Latest Phishing Attack Targeting Restaking Platforms
Blockaid’s team of analysts has raised the alarm about a new and sophisticated phishing campaign orchestrated by the notorious Angel Drainer group. This latest scheme is a significant threat to restaking platforms, exploiting a protocol function to obtain approval for malicious transactions.
Uncovering the New Attack Vector
On February 1, Blockaid posted an X thread revealing a novel attack vector used by Angel Drainer. The group has been using the “queueWithdrawal” function in a malicious scheme to carry out what Blockaid calls an “approval farming attack.” Following this discovery, Blockaid has shared the affected wallet addresses and is working on measures to protect users against this threat.
The Mechanics of the Attack
The attack centers around restaking rewards, a concept introduced by EigenLayer that allows Ethereum (ETH) stakers to receive new tokens. These tokens can then be restaked across various decentralized applications, maintaining the stakers’ ability to participate in governance protocols.
Angel Drainer’s strategy involves an approval farming method built on EigenLayer’s “queueWithdrawal” function. This method lets a malicious “withdrawer” redirect staking rewards to the attacker’s address. Blockaid notes that this approval method differs from the standard ERC20 ‘approve’ function and is more complex, which makes it harder for security tools to parse and validate these approvals.
Evading Detection
To slip past security measures, Angel Drainer employs the “CREATE2” mechanism, which allows approvals to be made to an initially empty address. This tactic makes it more difficult for the attack to be detected and prevented. Blockaid has informed the EigenLayer team about the ongoing attack. Subsequently, EigenLayer has acknowledged the threat and is urging users to remain vigilant given the rise in phishing attacks targeting their platform.
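As an added illustration (not Blockaid's or EigenLayer's code), a wallet-side check can decode the withdrawer from a queueWithdrawal call and flag it on the mismatch with the signer alone, since an address that is still empty offers no code to inspect. The argument layout (uint256[], address[], uint256[], address withdrawer, bool), the helper names and the sample addresses are assumptions; confirm the layout against the ABI of the contract being protected.

```python
WORD = 32  # ABI word size in bytes

def _word(args: bytes, pos: int) -> int:
    chunk = args[pos:pos + WORD]
    if len(chunk) != WORD:
        raise ValueError("truncated calldata")
    return int.from_bytes(chunk, "big")

def _address(value: int) -> str:
    if value >> 160:
        raise ValueError("dirty upper bits in address word")
    return "0x" + value.to_bytes(20, "big").hex()

def _array(args: bytes, offset: int) -> list:
    count = _word(args, offset)
    if count > (len(args) - offset) // WORD:  # reject absurd lengths before looping
        raise ValueError("array length exceeds calldata")
    return [_word(args, offset + WORD * (k + 1)) for k in range(count)]

def decode_queue_withdrawal(calldata: bytes) -> dict:
    # ASSUMED layout: head = 3 array offsets, withdrawer, bool; tails follow.
    args = calldata[4:]  # drop the 4-byte selector (not checked here)
    return {
        "strategies": [_address(v) for v in _array(args, _word(args, WORD))],
        "shares": _array(args, _word(args, 2 * WORD)),
        "withdrawer": _address(_word(args, 3 * WORD)),
    }

def review(calldata: bytes, signer: str, get_code) -> list:
    # get_code: caller-supplied lookup, e.g. a wrapper around eth_getCode.
    call = decode_queue_withdrawal(calldata)
    findings = []
    if call["withdrawer"] != signer.lower():
        findings.append("withdrawer is not the signer")
        if not get_code(call["withdrawer"]):
            findings.append("withdrawer has no code (EOA or undeployed CREATE2 address)")
    return findings

# Constructed sample data, not real addresses or a real transaction.
SIGNER, STRATEGY, OTHER = ("0x" + b * 20 for b in ("11", "22", "aa"))

def sample_calldata(withdrawer: str) -> bytes:
    words = [160, 224, 288, int(withdrawer, 16), 0,  # head: offsets, withdrawer, bool
             1, 0, 1, int(STRATEGY, 16), 1, 10**18]   # tails: indexes, strategies, shares
    return bytes(4) + b"".join(w.to_bytes(WORD, "big") for w in words)  # placeholder selector

if __name__ == "__main__":
    print(review(sample_calldata(OTHER), SIGNER, lambda addr: b""))
```

The first finding does not depend on what is deployed at the withdrawer address, so it still fires when the address is empty at signing time.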
Conclusion
Blockaid’s revelation of Angel Drainer’s latest phishing campaign targeting restaking platforms is a stark reminder of the evolving threats in the cryptocurrency space. Users of such platforms are advised to stay informed and exercise caution. Blockaid is continuing its efforts to combat these attacks and protect the community.