Unmasking the Ethereum Heist: $60M Pilfered Over Six Months
Criminals have used the Create2 opcode to evade security alerts when users approve malicious signatures, allowing them to steal over $60 million in cryptocurrency within six months, as disclosed by investigative entity ScamSniffer.
> 1/ Wallet Drainers are misusing Create2 to bypass security alerts in some wallets by generating new addresses for each malicious signature.
>
> After a discussion with @SlowMist_Team, a group has employed the same technique in Address Poisoning to steal $3M since Aug. pic.twitter.com/yCdJs6Zke7
>
> — Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) November 12, 2023
These malicious actors rely on Create2, an opcode used by platforms like Uniswap to compute a contract's address before the contract is deployed on the Ethereum network. By misusing Create2, the perpetrators quickly generate temporary wallet addresses to receive funds once a user interacts with a deceptive signature request. When initiating fund transfers or interacting with smart contracts, users are typically prompted to "approve" a signature. Hackers exploit this authorization process, embedding hidden permissions within the signature to compromise a user's wallet.
Using Create2 in this way bypasses the security alerts that would normally caution users before they confirm such signatures. Research findings from ScamSniffer and SlowMist suggest that approximately $60 million has been siphoned from nearly 99,000 victims over the past half-year.
One group has used Create2 to steal $3 million from 11 victims since August. Cryptocurrency-related hacks and exploits have escalated in recent months: the Poloniex exchange lost $114 million to a hot wallet breach just last week, and victims of the LastPass breach lost $4.4 million in a single day in October.