Hackers have stolen over $60 million worth of crypto from nearly 100,000 victims in the past six months by exploiting a piece of Ethereum code to bypass security alerts, according to research from on-chain investigator ScamSniffer and security firm SlowMist. The wallet drainers are misusing a function called Create2, which is normally used by decentralized apps like Uniswap to predict the address of a smart contract before deployment. By abusing Create2, the hackers can generate disposable wallet addresses to receive stolen funds after a user interacts with a malicious signature. This type of cybercrime is becoming increasingly sophisticated, with one group alone having drained $3 million in crypto from 11 victims since August. Overall, ScamSniffer and SlowMist estimate that around $60 million has been stolen from 99,000 victims in the past six months. The rise of Create2-based wallet exploits highlights the need for extra vigilance when it comes to crypto-related cybercrime. As hackers devise more methods to siphon funds from unsuspecting victims, it is important to remember that even trusted blockchain code can potentially be weaponized for theft at scale.
This is bad news for crypto users as the amount of money stolen is increasing. It is important for users to be extra vigilant when using crypto, as hackers are becoming more sophisticated in their methods of theft. #Crypto #Cybercrime #Ethereum #Create2
You can read more about this topic here: Watcher Guru: Hackers Steal $60 Million in Crypto Using Ethereum Code