A crypto hacker employing “address poisoning” tactics has stepped up attacks, fleecing Safe Wallet users of over $2 million in the past week. Scam Sniffer disclosed that, since November 26, around ten Safe Wallets fell victim to this scheme, losing a total of $2.05 million. Data from Dune Analytics suggests the same attacker has pilfered at least $5 million from 21 victims in the last four months.
Address poisoning involves creating a deceptively similar address to a victim’s usual transaction destination. The attacker contaminates the transaction history by sending a small amount of crypto to the target. Unwitting victims may unknowingly send funds to the hacker’s wallet, thinking it’s the intended recipient. One victim, holding $10 million in crypto, fortunately only lost $400,000.
The hacker’s recent high-profile attack on November 30 targeted Florence Finance, resulting in a loss of $1.45 million. PeckShield, a blockchain security firm, revealed the attacker’s strategy, where both the poisoned and real addresses started with “0xB087” and ended with “5870.”
Scam Sniffer previously warned of hackers exploiting Ethereum’s ‘Create2’ Solidity function, bypassing wallet security alerts. Wallet Drainers stole about $60 million from nearly 100,000 victims over six months using this method. Address poisoning played a role in their illicit gains.
Crypto Hacker’s $3M Create2 Heist Sparks Security Alert
Create2 facilitates the generation of new, similar wallet addresses by pre-calculating contract addresses. These are deployed after the victim unwittingly authorizes a fraudulent signature or transfer request. SlowMist’s security team uncovered a group using Create2 since August, consistently stealing nearly $3 million from 11 victims, with one individual losing up to $1.6 million.
In November, Scam Sniffer exposed hackers continuously abusing Create2, emphasizing the urgency of addressing vulnerabilities in the system. With numerous victims falling prey to these malicious actors, there’s an escalating need for enhanced security measures to safeguard crypto assets from such sophisticated attacks. The crypto community is on high alert as these criminals exploit innovative techniques to siphon funds from unsuspecting users.
Related Reading | Coinbase Unveils Turbocharged Transaction Plans with Solana Integration
Furthermore, the author’s views are for reference only and shall not constitute investment advice. Before purchasing, please ensure you fully understand and assess the products and associated risks.
Comments (No)