Gone in 60 Seconds Hackers Swipe $60 Million from Ethereum Wallets Using Create2 Code

Hackers Steal $60 Million From Ethereum Wallets Using Create2 Code

Hackers have been on a stealing spree in the world of crypto, whisking away more than $60 million worth of digital assets in just six months. And the tool they’ve been using to commit these crimes? None other than Ethereum wallets with Create2, according to the crypto Sherlock Holmes, ScamSniffer.

You might be wondering, what on earth is Create2? Well, it’s a sneaky code component employed by platforms like Uniswap that allows hackers to predict a contract’s address before it’s actually deployed on the Ethereum network. Think of it as having the ability to forecast the exact location of someone’s secret treasure stash before they’ve even dug the hole. Now that’s some next-level clairvoyance!

So how are these crafty hackers taking advantage of Create2? They’ve discovered a way to pre-calculate contract addresses, giving them the power to generate new addresses for each malicious signature. Picture it like this: they’re using a magical spellbook that lets them create an infinite number of secret doors, each leading to a new wallet. And just like in a heist movie, they’re slipping through these secret doors undetected.

But wait, there’s more! When unsuspecting users send funds or interact with a contract, they’re asked to “approve” a signature. It’s like giving the green light for a spaceship to take off. Well, these hackers are exploiting this process by hiding unauthorized permissions within the signature. It’s as if they’re worming their way into a user’s wallet disguised as a harmless space tourist, only to reveal their true nefarious intentions once they’re inside.

• Spanish Regulators Get Tough on Crypto Ad Violations, All Eyes on X
• Crypto Hackers Pulling Off the Great Heist
• Optimism Welcomes Ryan Wyatt as Chief Growth Officer, Hoping He Brings the Magic Touch

What’s even crazier is that Create2 allows these hackers to bypass security alerts that would typically serve as a warning sign for users. It’s like walking straight past the fiercely barking guard dogs outside a mansion and strolling in undisturbed. No alarms, no flashing lights, just smooth sailing for the cunning criminals.

Now, let’s talk numbers. ScamSniffer and SlowMist have done some detective work and found that around $60 million has been snatched from approximately 99,000 victims over the past six months. It’s like a swarm of stealthy pickpockets targeting unsuspecting travelers in a crowded market. And if that’s not enough, another group of hackers has been silently pocketing $3 million from 11 victims since August. These guys clearly know how to feast while the world is sleeping!

But fear not, my fellow digital asset investors. There are heroes in this story. Take Binance, for example. They were almost tricked into sending $20 million to a fake address. But like a ninja catching a ninja, they spotted the error right after the transaction and managed to freeze the transferred assets in time. Kudos to Binance for their lightning-fast reflexes!

Unfortunately, these cryptocurrency-related hacks and exploits seem to be on the rise. It’s like a new breed of villains is emerging from the shadows, seeking to exploit any weakness they can find. Just look at the recent hot wallet breach at Poloniex, causing a loss of $114 million. It’s as if these hackers have become masters of disguise, gradually infiltrating every corner of the crypto world.

So, my dear investors, as you tread through the digital jungle of crypto, be vigilant! Keep an eye out for suspicious activity and always double-check those addresses. After all, in this thrilling game of cat and mouse, it’s important to stay one step ahead of the crafty hackers. Stay safe and happy investing!  

Psst! Have you ever encountered a crypto villain? Share your story in the comments below! Let’s expose these digital rogues together!

We will continue to update Blocking; if you have any questions or suggestions, please contact us!