AngelDrainer Scam Group Paid Saboteurs to Target Balancer
According to MistTrack’s investigation, the fees associated with the Balancer attacker’s actions have been traced back to the doorstep of the fraudulent organization known as AngelDrainer.
🚨Balancer Hack Update🚨
So far, we have the following findings about the @Balancer exploiter:
1/ The attacker’s fee came from the phishing group #AngelDrainer. In other words, after the attacker (AngelDrainer) attacked the website via BGP hijacking, then induced users to… https://t.co/5g6P2aPEz8 pic.twitter.com/3PInfe9VC1
— MistTrack🕵️ (@MistTrack_io) September 20, 2023
The attack unfolded through a multi-pronged strategy that showcased the attacker’s technical prowess. Initially, the assailant initiated a BGP (Border Gateway Protocol) hijacking, enabling them to take control of the targeted website. This manipulation of internet routing protocols allowed the attacker to gain access to the user’s session and, alarmingly, coerced the user into “agreeing” to transfer funds.
To launder the ill-gotten gains, the attacker leveraged THORChain, a cross-chain decentralized liquidity network. Using this platform, the attacker seamlessly transferred the funds across different blockchains, going from Ethereum (ETH) to Bitcoin (BTC) addresses. The intricate web of cross-chain transfers created a complex trail that proved challenging to trace.
As the investigation unfolds, one intriguing aspect has come to the forefront. There are indications that the Balancer attackers may have ties to Russia, suggesting a possible connection to a broader network of cybercriminals. The international nature of such attacks adds a layer of complexity to addressing and preventing such incidents.
MistTrack’s findings serve as a stark reminder of the ongoing battle to secure blockchain and cryptocurrency systems. It highlights the need for continuous vigilance and proactive measures to safeguard digital assets and user data. Users are advised to exercise caution when interacting with cryptocurrency platforms and to stay informed about the latest security threats and best practices.
DISCLAIMER: The information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.