Hackers have developed a new attack scheme using the malicious program Angel Drainer to steal rewards for Ethereum (ETH) restaking. This discovery was made by the Web3 security platform Blockaid. Angel Drainer, one of the most popular malicious programs last year, was used to steal $20 million over the past 12 months.
The new scheme involves a special permission method that allows hackers to deceive the system and withdraw restaking rewards from the EigenLayer protocol. EigenLayer is an Ethereum-based protocol offering tools for ETH restaking at the consensus level. Hackers also use the "CREATE2" mechanism, allowing them to approve fund withdrawals to an empty address, making identification difficult.
Blockaid specialists are already working on a fix that will protect users' wallets from new hacker schemes. They have also warned the EigenLayer protocol team about the fraudsters' actions.
Last year, analysts at SlowMist discovered a new type of phishing attack developed by Chinese hackers using a fake Skype application to steal cryptocurrency. Another scheme targeted users of the social platform Friend.tech, where a cybercriminal, posing as a well-known journalist, sent phishing links to steal digital assets.
Blockchain platform TRM Labs experts noted that losses from hacker breaches of crypto projects in 2023 were reduced by 50%, amounting to $1.7 billion.
