{"id":18495,"date":"2023-12-27T10:27:24","date_gmt":"2023-12-27T10:27:24","guid":{"rendered":"https:\/\/gridinsoft.com\/blogs\/?p=18495"},"modified":"2023-12-27T10:27:24","modified_gmt":"2023-12-27T10:27:24","slug":"crypto-draining-attacks","status":"publish","type":"post","link":"https:\/\/gridinsoft.com\/blogs\/crypto-draining-attacks\/","title":{"rendered":"What are Crypto Draining Attacks? Signs &#038; Mitigation"},"content":{"rendered":"<p>Among the wide variety of scams that involve cryptocurrencies, crypto draining attacks stand out for their volume and the amount of losses. As the name suggests, <strong>such an attack drains the entire contents of the cryptocurrency wallet involved<\/strong>. But let\u2019s have a more detailed look at how this fraud works, and how you can avoid falling into such a trap.<\/p>\n<h2>How Do Crypto Drainers Work?<\/h2>\n<p>Crypto drainers operate through deceptive tactics. First, victims are lured <a href=\"https:\/\/gridinsoft.com\/phishing\">to counterfeit websites<\/a> through fake airdrop campaigns mimicking legitimate platforms. These phishing schemes start innocuously, with social media or email promotions <strong>offering free tokens<\/strong>.<\/p>\n<p>But it&#8217;s a classic scam scheme, and behind the enticing offers lie well-crafted, fraudulent websites indistinguishable from the real deal. Next, the service asks the user <strong>to connect their wallet<\/strong>. When a user connects their wallet, this grants thieves <strong>unfettered access to their funds<\/strong>.<\/p>\n<p>In the final step, users are encouraged to link their digital wallets. This is often done under <strong>the pretense of identity verification<\/strong> or token claims. However, a risk is involved as users may unknowingly interact with <strong>malicious smart contracts<\/strong> that are camouflaged as part of the token claim process. 
Such contracts may contain hidden functions compromising the wallet&#8217;s security or initiating unauthorized transactions.<\/p>\n<h2>Angel Drainer Group Leads Crypto Draining<\/h2>\n<p>Angel Drainer Group is a hacking group based in Eastern Europe. It first came to the attention of law enforcement in 2017. Then, the gang was linked to stealing <strong>$50 million<\/strong> worth of Bitcoin <a href=\"https:\/\/gridinsoft.com\/cryptocurrency\">from a South Korean cryptocurrency exchange<\/a>. Since then, the group has been responsible for other thefts, including the theft of <strong>$100 million<\/strong> worth of Ethereum from a Japanese exchange in 2018 and the theft of <strong>$200 million<\/strong> worth of Bitcoin from a US exchange in 2019.<\/p>\n<p>Angel Drainer Group typically targets cryptocurrency exchanges, <a href=\"https:\/\/gridinsoft.com\/social-engineering\">using social engineering<\/a>, phishing, and malware to get access to exchange systems. Once they have access, the group will <strong>steal as much cryptocurrency as possible<\/strong> before moving it to other wallets. In addition to the thefts that Angel Drainer Group has been linked to, the group is also suspected of being involved in other illegal activities, <strong>including money laundering<\/strong> and cybercrime.<\/p>\n<h2>The &#8216;Permit&#8217; Function<\/h2>\n<p>This method uses social engineering and manipulates the &#8216;Permit&#8217; function in ERC-20 tokens. It means users are tricked into signing off-chain messages with their private key, unknowingly setting up <strong>an allowance for the attacker&#8217;s address<\/strong>. This technique is nefarious due to its subtlety, as it doesn&#8217;t necessitate on-chain transactions for each approval.<\/p>\n<p>Once access is gained, <strong>assets are stealthily transferred from the victim&#8217;s wallet<\/strong>. 
Attackers use cryptocurrency mixers and multiple transfers to conceal the stolen assets&#8217; trail, significantly complicating recovery. Comprehending these mechanics is vital for users and platforms in the crypto realm to develop effective security measures.<\/p>\n<h2>Safeguarding Assets<\/h2>\n<p>It is crucial to be cautious and use technological safeguards while dealing with cryptocurrency. First, you must <strong>be skeptical of unsolicited airdrop claims<\/strong>. Verify every smart contract you interact with, and prefer hardware wallets when possible. Since cryptocurrency is <a href=\"https:\/\/howtofix.guide\/category\/scam\/crypto-scams\/\" target=\"_blank\" rel=\"noopener nofollow\">a favorite place for internet scammers<\/a>, you must be as careful as possible.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Among the wide variety of scams that involve cryptocurrencies, crypto draining attacks stand out for their volume and the amount of losses. As the name suggests, such an attack drains the entire contents of the cryptocurrency wallet involved. 
But let\u2019s have a more detailed look at how this fraud works, and how you can avoid [&hellip;]<\/p>\n","protected":false},"author":7,"featured_media":18502,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"content-type":"","_sitemap_exclude":false,"_sitemap_priority":"","_sitemap_frequency":"","footnotes":""},"categories":[15],"tags":[1099],"class_list":{"0":"post-18495","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-security-news","8":"tag-cryptocurrency-scam"},"featured_image_src":"https:\/\/gridinsoft.com\/blogs\/wp-content\/uploads\/2023\/12\/Crypto-Draining-Scams.webp","author_info":{"display_name":"Stephanie Adlam","author_link":"https:\/\/gridinsoft.com\/blogs\/author\/adlam\/"},"_links":{"self":[{"href":"https:\/\/gridinsoft.com\/blogs\/wp-json\/wp\/v2\/posts\/18495","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/gridinsoft.com\/blogs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/gridinsoft.com\/blogs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/gridinsoft.com\/blogs\/wp-json\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"https:\/\/gridinsoft.com\/blogs\/wp-json\/wp\/v2\/comments?post=18495"}],"version-history":[{"count":9,"href":"https:\/\/gridinsoft.com\/blogs\/wp-json\/wp\/v2\/posts\/18495\/revisions"}],"predecessor-version":[{"id":18505,"href":"https:\/\/gridinsoft.com\/blogs\/wp-json\/wp\/v2\/posts\/18495\/revisions\/18505"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/gridinsoft.com\/blogs\/wp-json\/wp\/v2\/media\/18502"}],"wp:attachment":[{"href":"https:\/\/gridinsoft.com\/blogs\/wp-json\/wp\/v2\/media?parent=18495"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/gridinsoft.com\/blogs\/wp-json\/wp\/v2\/categories?post=18495"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/gridinsoft.com\/blogs\/wp-json\/wp\/v2\/
tags?post=18495"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}