In a concerning trend, hackers, specifically wallet drainers, have begun to leverage the CREATE2 opcode on the Ethereum network to sidestep security measures in select wallets. This development was revealed on Sunday via an X post by blockchain security company Scam Sniffer.
Over $60 Million Lost To Hackers Via CREATE2 Exploit, Report Says
The CREATE2 opcode was designed to allow the prediction of a contract address before deployment. Most notably, it is used by prominent decentralized exchange Uniswap to facilitate the creation of pair contracts.
However, using this feature, cybercriminals have found a way to bypass security checks in regard to investor wallets. Scam Sniffer explains that hackers use CREATE2 to effortlessly generate momentary new addresses, each with a malicious signature.
When unsuspecting investors sign this crafted signature, the hackers deploy a contract at the predicted address and process an unauthorized transfer of assets. Using this technique, these bad actors have been able to operate undetected, siphoning large amounts of funds from innocent victims.
1/ Here is a real case happened 9 hours ago
A victim lost $927k worth of $GMX after signing a `signalTransfer(address receiver)` transaction to the GMX Reward Router on Arbitrum.https://t.co/kB2Je5a0pK https://t.co/78k82fbRfk pic.twitter.com/izfKPeBW9p
— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) November 12, 2023
Speaking about a sample incident, Scam Sniffer explains how a victim lost $927,000 worth of GMX on Sunday after unknowingly authorizing a “signalTransfer” transaction that allowed hackers to withdraw these assets to a pre-computed contract address.
In total, Scam Sniffer revealed that the main group of wallet drainers exploiting the CREATE2 feature has so far stolen $60 million from an estimated 99,000 victims in the last six months.
Meanwhile, during a discussion with SlowMist, another prominent blockchain security firm, Scam Sniffer learned a separate group of hackers has been using the same technique in address poisoning.
Since August, findings reveal that this second group has stolen nearly $3 million worth of assets from 11 victims, of which $1.6 million belonged to a single victim. In wrapping up its report, Scam Sniffer reminds crypto users to stay on alert and verify every transaction, as the continuous cycle of detection and counter-detection in the crypto space will likely not end.
Beyond Hacks, Crypto Scams Remain A Peril
Just like hacks, crypto scams are also still considered a major source of concern for many investors. According to FootPrint x Boesin’s H1 2023 security report, scams resulted in a total asset loss of $184.17 million, accounting for 28% of losses recorded by investors in the first half of the year.
Notably, Scam Sniffer has reported two major scam incidents over the last 48 hours in which both victims lost a combined $468, 000 worth of assets. These attacks only underscore the continuous need for enhanced security measures in the cryptocurrency ecosystem.
