A crypto hacker executing “address poisoning attacks” has illicitly obtained over $2 million from Safe Wallet users in the past week, bringing the total victim count to 21. Scam Sniffer reported that around ten Safe Wallets lost $2.05 million to such attacks since November 26.
The attacker, as per Dune Analytics data, has stolen at least $5 million from approximately 21 victims over the past four months. Address poisoning involves creating a similar-looking address to the victim’s regular one, tricking them into sending funds to the hacker’s wallet instead. A recent address poisoning attack on Florence Finance saw the protocol lose $1.45 million on November 30.
PeckShield, a blockchain security firm, highlighted the attacker’s ability to trick the protocol using addresses starting with “0xB087” and ending with “5870.” Scam Sniffer revealed that hackers have been exploiting Ethereum’s ‘Create2’ Solidity function to bypass wallet security alerts, accumulating around $60 million from nearly 100,000 victims over six months. Address poisoning is one of the methods employed in these attacks. In the Create2 method, malicious actors pre-calculate contract addresses, generating new similar wallet addresses deployed after victims authorize bogus signature or transfer requests. A group has reportedly used Create2 since August to continuously steal nearly $3 million in assets from 11 victims, with one losing up to $1.6 million, according to the security team at SlowMist.
Reference:
