🚀 AngelX Phishing Toolkit Targets Crypto Users With New Malicious Apps
#AngelX #PhishingToolkit #CryptoScams #BlockchainSecurity #DigitalAssets #DecentralizedApps #Cybersecurity #MaliciousApps #PhishingAttacks #CryptoFraud #ScamProtection #BlockchainTools #TON #TRX
According to Cointelegraph, the infamous crypto phishing toolkit Angel Drainer has resurfaced with an enhanced version named AngelX. Blockchain security firm Blockaid reported that AngelX has already deployed 300 malicious decentralized applications (DApps) aimed at stealing digital assets from cryptocurrency users.
Blockaid highlighted that one of the alarming features of AngelX is its improved support for phishing apps targeting users on newer and less mature blockchains, such as The Open Network (TON) and Tron network. These blockchains are perceived as less equipped to defend against attacks due to a lack of robust security tools and support.
The firm also noted the detection of over 150 new scams powered by the AngelX system since its launch on August 31. Blockaid emphasized that the new AngelX system has a high evasion rate, allowing many of its malicious apps to go undetected by other security vendors in the crypto space. Additionally, AngelX features an upgraded user experience (UX) and control panel, enabling scammers to create highly customizable scam apps across a broader range of blockchains.
Blockaid's early detection of the AngelX system helped safeguard approximately $400,000 in assets that could have been misappropriated within the first five days of its operation. The original Angel Drainer toolkit had reportedly wound down most of its operations on July 16 after its developers realized their identities might have been compromised. Security analysts estimate that around $25 million in crypto assets have been stolen through Angel Drainer-powered phishing scams.
Drainer toolkits are applications that allow phishing scammers to easily drain the wallets of crypto users by tricking them into accidentally making token approvals. Typically, these drainers are provided to scammers in exchange for a portion of the stolen assets.#AngelX #PhishingToolkit #CryptoScams #BlockchainSecurity #DigitalAssets #DecentralizedApps #Cybersecurity #MaliciousApps #PhishingAttacks #CryptoFraud #ScamProtection #BlockchainTools #TON #TRX
🚀 Unity Addresses Vulnerability Threatening Mobile Crypto Wallets
#Unity #vulnerability #mobilecrypto #Android #gamingplatform #patch #crypto #GooglePlay #maliciousapps #real-timegames #appdevelopers #security #sideloading #gamersecurity #cryptoassets
According to Cointelegraph, Unity Technologies is addressing a vulnerability in its gaming platform that could allow third-party code to run in Android-based mobile games, potentially targeting mobile crypto wallets. Anonymous sources revealed that the issue affects projects dating back to 2017 and primarily impacts Android systems, though Windows, macOS, and Linux are also affected to varying degrees. Unity has started distributing fixes and a standalone patching tool to selected partners, with public guidance expected early next week.
A Google spokesperson confirmed awareness of the vulnerability and stated that Unity is providing a patch for app developers to address the issue. Developers are urged to update their apps immediately, and Google Play is assisting in releasing patched versions swiftly. Current detections indicate that malicious apps exploiting this vulnerability are not present on Google Play. Unity, a leading platform for creating real-time games and experiences, powers over 70% of the top thousand mobile games and more than 50% of new mobile games.
The vulnerability, described as an "in-process code injection," poses a potential threat to crypto wallets. While it is unclear if devices can be fully compromised, the malicious code could attempt overlays, input capture, or screen scraping to target personal credentials or crypto wallet seed phrases. Mobile gamers are advised to update Unity-based games as patches become available and avoid sideloading apps from unofficial sources. Sideloaded apps bypass Google Play's security checks and may not receive automatic security updates or patches.
To protect themselves, users should review device permissions and disable unnecessary overlays or accessibility services during gaming. Additionally, practicing risk segregation by keeping crypto wallets on a separate device or account from gaming activities is recommended. This is an ongoing story, and further updates will be provided as more information becomes available.#Unity #vulnerability #mobilecrypto #Android #gamingplatform #patch #crypto #GooglePlay #maliciousapps #real-timegames #appdevelopers #security #sideloading #gamersecurity #cryptoassets