Angel Drainer Shut Down After Developer Identification
The notorious Angel Drainer, a malware-as-a-service (MaaS) program linked to over $25 million in crypto thefts, has reportedly shut down. The news comes after security researchers at Match Systems potentially identified the developers behind the operation.
In a post on X, Match Systems, a Dubai-based blockchain forensics firm, revealed that Angel Drainer’s Telegram channel announced the suspension of services. While it’s unclear if Match Systems reported the bad actors to law enforcement, they continue to gather data. “We continue to accumulate data and work to identify the remaining identities involved in this criminal gang,” Match Systems stated.
Angel Drainer’s Modus Operandi
Angel Drainer is a JavaScript-based malware used by cybercriminals to drain crypto wallets. It operates through phishing scams that trick users into granting token approvals, allowing the scammers to siphon off their assets.
First detected in late 2023, Angel Drainer gained notoriety in early 2024 when analysts at blockchain security firm Blockaid identified a new attack vector. The malware exploited a protocol to execute a novel approval farming attack through the queueWithdrawal mechanism.
In February, Blockaid estimated that Angel Drainer stole over $25 million worth of crypto from nearly 35,000 wallets. The malware was suspected to be behind high-profile attacks like the Ledger Connect Kit and Restake Farming incidents.
The Impact of Angel Drainer’s Shutdown
The shutdown of Angel Drainer is a positive development for the crypto community. While the threat of malware remains, this incident highlights the importance of security and vigilance in the digital asset space. It is crucial to remain cautious of phishing attempts and to ensure the security of your wallets and accounts.
