Ethereum Hackers Exploit Create2 Code, Stealing $60M in Six Months

  • Ethereum’s security is compromised as hackers employ Create2 code to drain wallets undetected.
  • Over $60 million in crypto assets stolen, impacting nearly 100,000 users.
  • “An ingenious yet alarming use of Ethereum’s features,” reports on-chain investigation team ScamSniffer.

Investigation reveals a sophisticated Ethereum wallet drainer exploiting the Create2 code, successfully bypassing security alerts and leading to substantial losses for users.

The Mechanics of the Create2 Exploit

Ethereum-ETH

According to ScamSniffer, hackers have manipulated a piece of Ethereum code, known as Create2, to bypass traditional security measures. Create2, typically used in applications like Uniswap for predicting contract addresses, has become a tool for malicious activities. By creating temporary wallet addresses, these drainers transfer funds unnoticeably after users unknowingly approve malicious signatures.

Bypassing Security Protocols

The exploitation of Create2 enables hackers to circumvent the usual security alerts that warn users of suspicious activities. This stealth approach has facilitated the unauthorized access to private keys and the subsequent draining of wallets. The signature approval process, often a security checkpoint, is now a vulnerability exploited by these attackers.

Impact and Scale of the Exploit

Research by ScamSniffer and SlowMist highlights the magnitude of this exploit: approximately $60 million stolen from about 99,000 victims in just six months. A specific group using this method amassed $3 million from 11 victims since August, showcasing the exploit’s effectiveness.

Wider Context: Rising Crypto Hacks and Exploits

This incident is part of a larger trend of cryptocurrency hacks. Recently, Poloniex exchange suffered a $114 million loss due to a hot wallet breach, and LastPass users lost $4.4 million in a single day in October. These incidents underline the escalating challenges in crypto asset security.

Conclusion

The Create2 exploit on Ethereum poses significant challenges to the security of digital assets. As hackers devise more sophisticated methods to bypass security protocols, the need for enhanced protective measures becomes increasingly vital. This incident serves as a stark reminder of the ongoing vulnerabilities within the cryptocurrency ecosystem.

Don't forget to enable notifications for our Twitter account and Telegram channel to stay informed about the latest cryptocurrency news.

BREAKING NEWS

Bitcoin Liquidation Alert on CEXs: $1.226B Shorts at $114K vs $1.603B Longs at $110K

The latest Coinglass data indicates that if Bitcoin breaches...

Bitcoin Nets 3,057 BTC Inflow to CEX in 24h — Kraken Leads, Binance Posts 832 BTC Outflow

COINOTAG (Sept 9) citing Coinglass data reports a 24-hour...

24,400 ETH Inflows to CEXs in 24 Hours: Binance Leads with 13,100 ETH, Bitfinex & Bybit Follow; Gemini Tops Outflows

COINOTAG reported on September 9, citing Coinglass data that...

Ethereum Liquidation Shock: Coinglass Warns $709M Shorts at $4,400 vs $1.96B Longs if Price Falls Below $4,200

Ethereum short liquidation metrics from Coinglass indicate that a...

MYX Suffers $46.89M in 24-Hour Liquidations, Leading Crypto Market — Coinglass

According to Coinglass data on September 9, the MYX...
spot_imgspot_imgspot_img

Related Articles

spot_imgspot_imgspot_imgspot_img

Popular Categories

spot_imgspot_imgspot_img