- Safe wallet users have lost about $2 million to scammers over the last week.
- Exploiting the vulnerabilities in the crypto space.
Cryptocurrency enthusiasts find themselves increasingly at risk as a sophisticated hacker exploits a technique known as “address poisoning,” resulting in cumulative losses exceeding $5 million over the past four months.
The attacker, identified as the same individual responsible for a recent high-profile attack on Florence Finance, has escalated activities against Safe Wallet users.
In the last week alone, approximately ten Safe Wallets fell victim to this method, resulting in losses exceeding $2 million and bringing the total count of victims to 21.
Address poisoning is a cyber threat tactic where the perpetrator generates a counterfeit address resembling one that the targeted victim frequently uses. Typically, the fraudulent address shares similar starting and ending characters.
See Also: Fake Elon Musk YouTube Streams Lead To $165k Crypto Scam
The hacker initiates a small cryptocurrency transfer from the fabricated wallet to the victim’s account, effectively “poisoning” their transaction history.
Consequently, an unsuspecting victim may unintentionally copy the false address from their transaction history, leading to funds being sent to the hacker’s wallet instead of the intended recipient.
Data compiled by Scam Sniffer from Dune Analytics reveals that the same hacker has utilized this method to pilfer at least $5 million from 21 victims within the last four months.
Notably, one victim held $10 million in cryptocurrency within a Safe Wallet but incurred a loss of $400,000, emphasizing the severity of the threat.
The hacker’s tactics extend beyond targeting Safe Wallets, as demonstrated by an attack on November 30 against Florence Finance, resulting in a $1.45 million loss.
Blockchain security firm PeckShield shed light on the attacker’s ability to deceive the protocol by utilizing addresses with identical prefixes and suffixes, mirroring the address poisoning methodology observed in other attacks.
See Also: What A Surprise? Paris Court Cleared Platypus Hackers Of All Charges
Address poisoning is compounded by the exploitation of Ethereum’s ‘Create2’ Solidity function, a vulnerability first reported by Scam Sniffer in November.
Hackers leverage ‘Create2’ to bypass wallet security alerts, facilitating the theft of approximately $60 million from nearly 100,000 victims over six months.
Create2 pre-calculates contract addresses, enabling malicious actors to generate new addresses that closely resemble those of their victims.
Once the victim unknowingly authorizes a forged signature or transfer request, the imposter addresses are deployed, resulting in significant financial losses.
Security experts at SlowMist reported that a group has been leveraging the Create2 function since August, stealing nearly $3 million in assets from 11 victims. In one case, a victim suffered losses of up to $1.6 million.
The ongoing exploitation of Create2 underscores the critical need for enhanced security measures within the cryptocurrency space. As the hacker’s proficiency in address poisoning attacks continues to evolve, cryptocurrency users must remain vigilant.
Adhering to best practices, such as verifying transaction details and utilizing secure wallets, becomes paramount in mitigating the risk of falling victim to these increasingly sophisticated attacks.
See Also: Most Crypto Hacks in November Have Justin Sun’s Platforms At The Center
Furthermore, collaboration within the cryptocurrency community is imperative for developing and implementing robust security protocols. These measures will help to safeguard users against evolving threats in the dynamic digital asset landscape.
