Users of The Open Network (TON) and layer-one blockchain Tron face new security risks as a malicious wallet-draining toolkit called AngelX begins siphoning crypto assets through phishing attacks.
The cybersecurity firm Blockaid has exposed this large-scale phishing campaign, revealing that AngelX builds on the notorious Angel Drainer toolkit, known for its role in stealing millions from unsuspecting crypto and NFT users.
AngelX represents an evolution of Angel Drainer, which was previously used to execute over $25 million in crypto theft across 35,000 wallets.
This phishing toolkit allows cybercriminals to deceive users into approving malicious transactions that drain their wallets.
By distributing the toolkit to other criminals and sharing profits from the stolen assets, developers have created a profit-sharing model that fuels ongoing cybercrime in the cryptocurrency space.
AngelX has been used in over 150 phishing scams
Since its emergence on August 31, AngelX has been used in over 150 phishing scams, targeting newer blockchains like TON and Tron, which Blockaid claims are more vulnerable due to their lack of robust security tools.
Blockaid’s research indicates that attackers have already deployed 300 malicious decentralized applications (dApps) using this new toolkit.
The report highlights that newer blockchains often have smaller communities, meaning fewer users are actively monitoring for threats.
This makes it easier for scammers to execute attacks without being quickly detected.
Furthermore, AngelX is more evasive than its predecessor, slipping past the security measures of several crypto-focused vendors.
The upgraded toolkit also features a more sophisticated user interface, allowing cybercriminals to create custom scam applications with greater ease.
Despite the sophistication of AngelX, Blockaid’s early detection has helped safeguard around $400,000 worth of funds.
The cybersecurity firm urges blockchain networks to enhance their security measures to better protect users from these evolving threats.
Rise of AngelX amid major drainers shutting down
The rise of AngelX comes shortly after several major wallet drainers, including Angel Drainer, shut down their operations.
According to Match Systems, the original Angel Drainer team was identified, and shortly thereafter, the drainer ceased operations, confirmed via messages in the developers’ Telegram group.
Other notorious toolkits like Pink Drainer, which stole at least $75 million, also closed shop earlier this year, as did Inferno Drainer, which netted $70 million before its shutdown in 2023.
The reason for these closures is not entirely clear, but some reports suggest that increased security efforts by firms like Blockaid may have contributed to their downfall.
In one instance, a drainer developer complained on social media about shutting down due to Blockaid’s efforts.
As the cybersecurity landscape improves, more wallet providers are taking proactive measures to safeguard users.
In July, web3 wallet provider MetaMask acquired Wallet Guard, adding enhanced protections designed to detect wallet drainers before they can cause harm.
While AngelX presents a new challenge for the crypto industry, the sector’s increasing focus on security offers hope that future threats can be mitigated before they wreak havoc on unsuspecting users.
The post AngelX wallet drainer targets vulnerable TON and Tron blockchains appeared first on Invezz