Phishing Scam Drains Ethereum Safe Contracts for Over $400K

The attack was orchestrated by deploying a malicious Safe Vault contract on the Ethereum blockchain to access user wallets.

Angel with gold baklava in the dark clouds sitting with a computer.
Created by Kornelija Poderskytė from DailyCoin
  • An Ethereum blockchain-based phishing scam has siphoned off thousands in assets.
  • The attack targeted a significant number of users.
  • Phishing scams have become largely weaponized by malicious actors in their attacks against the crypto industry.

The cryptocurrency industry has become a bedrock for hacks and scams, as malicious actors bolster tactics to exploit projects and entities for selfish gain. Over the past year, crypto-related attacks have stolen billions in funds and assets, attributed to the infamous trends of flash loan exploits, cyber attacks, and phishing scams.

Continuing the trend, attackers remain relentless in the new year, and the latest to feel the burn are unsuspecting investors in a phishing attack. 

Ethereum-Based Exploit Wipes Assets  

According to cybersecurity firm Blockaid, on Tuesday, a phishing attack targeting over 128 user wallets siphoned off approximately $403,000.


The drain, which commenced at 6:41 am UTC on Monday, February 12th, was orchestrated by deploying the malicious Safe Vault contract on the Ethereum blockchain. This lured victims into signing a Permit2 with the Safe Vault as the operator, granting attackers access to their assets.

Blockaid emphasized that the incident was not a direct attack on the Safe protocol and had a limited impact despite causing severe financial losses for affected users.

Angel Drainer is renowned for its relentless attacks against the crypto industry, with drains constituting a significant portion of the $ 2 billion lost to phishing attacks in the past year.

Phishing Attacks Net $295M In 2023

A new year report by Scam Sniffer unveiled that approximately 324,000 crypt investors fell victim to notorious phishing scams, losing a total of $295 million.


The attacks were devised by Wallet Drainers through various methods, including fraudulent airdrops, SIM swaps, fake Google and Twitter ads, and spam social media comments.

Table of notable wallet drainers.
Source: Scam Sniffer

The top drainers include Inferno Drainer, MS Drainer, and Angel Drainer, each of which stole $81 million, $59 million, and $20 million, respectively. 

Advancing technology standards are also being weaponized by cyberattackers, who leverage them to circumvent promotion guidelines, even on trusted social media platforms.

The advent of artificial intelligence is bolstering scam techniques in crypto; read more:
Fake AI Ripple CEO Ad Targets XRP Holders on YouTube 

Find out more the race for Ethereum ETFs as new contenders join the ring:
Franklin Templeton Joins Ether ETF Applicants, Eyes Approval

This article is for information purposes only and should not be considered trading or investment advice. Nothing herein shall be construed as financial, legal, or tax advice. Trading forex, cryptocurrencies, and CFDs pose a considerable risk of loss.

Grace Abidemi

Grace Abidemi, a cryptocurrency reporter at DailyCoin, covers industry developments and trends. She previously worked as a freelance writer. With a Bachelor's degree in German Language and certifications in marketing and storytelling, Grace creates engaging content. When not working, she's in Nigeria, mastering cooking and canvas painting, and enjoys learning about different cultures and languages.