A new hacking vector was introduced by Angel Drainer, one of the most popular malware for emptying wallets last year. According to Scam Sniffer, over the past 12 months, a total of $20 million has been stolen with the help of drainer.
In very simple words: scammers have learned to cheat the system using a special resolution method. It is almost impossible to catch it by any security systems yet, because the scheme is new. When a user signs a transaction, they automatically allow the hacker to withdraw the restaking reward from the EigenLayer protocol.
EigenLayer is an Ethereum—based protocol that offers restaking tools to market participants. With it, users can reuse ETH at the consensus level.
In order to only complicate the work of malware detectors, attackers also use the "CREATE2" mechanism. This allows them to approve the withdrawal of funds to an empty address that cannot be identified.
Blockaid specialists stressed that they are already developing a fix that will protect users' wallets from new hacker schemes. They also added that they had already contacted the EigenLayer protocol team and warned them about the scams.