“Rising Threat: Hackers Exploit Ethereum’s CREATE2 Opcode, Draining Millions from Investor Wallets”

In a troubling development, hackers, particularly wallet drainers, are now utilizing the CREATE2 opcode on the Ethereum network to bypass security measures in select wallets. This revelation comes from blockchain security firm Scam Sniffer, which disclosed the exploit in a recent post. The CREATE2 opcode, initially designed for predicting contract addresses, is being manipulated by cybercriminals to generate temporary addresses with malicious signatures. These crafted signatures, when signed by unsuspecting investors, allow hackers to deploy a contract at the predicted address and execute an unauthorized transfer of assets.

Scam Sniffer highlighted a specific incident where a victim lost $927,000 worth of GMX after unwittingly authorizing a “signalTransfer” transaction. This allowed hackers to withdraw assets to a pre-computed contract address. Shockingly, the main group exploiting the CREATE2 feature has reportedly stolen over $60 million from around 99,000 victims in the last six months.

Furthermore, another hacking group identified by SlowMist has been employing the same technique in address poisoning since August, pilfering nearly $3 million in assets. Scam Sniffer emphasizes the importance of crypto users staying vigilant, verifying every transaction, and acknowledging the perpetual cycle of detection and counter-detection in the crypto space.

Beyond these hacks, crypto scams remain a significant threat, contributing to a total asset loss of $184.17 million in H1 2023, according to FootPrint x Boesin’s security report. In the last 48 hours alone, Scam Sniffer reported two major scam incidents resulting in a combined loss of $468,000 worth of assets. These incidents underscore the urgent need for enhanced security measures in the cryptocurrency ecosystem.