Safe Wallet Scam Escalates
A cybercriminal, infamous for crypto theft through “address poisoning,” has recently intensified their attacks against users of Safe Wallet. This surge in criminal activity has resulted in a staggering loss of over $2 million in just one week.
Ramping Up Attacks
The hacker, known for specializing in address poisoning, has significantly increased their attack frequency. This has led to 21 victims losing substantial amounts from their Safe Wallet accounts. The most recent data from Scam Sniffer, a Web3 scam detection platform, highlights a worrying trend of escalating attacks.
The Staggering Impact
Scam Sniffer’s report on Dec. 3 revealed that about ten Safe Wallets had lost $2.05 million since Nov. 26. Dune Analytics data, compiled by Scam Sniffer, indicates that the same attacker has been responsible for at least $5 million in thefts from approximately 21 victims over the past four months.
The Method: Address Poisoning
Address poisoning involves the attacker creating a wallet address that closely resembles the victim’s regular transaction addresses. The attacker then sends a small amount of crypto to the victim’s wallet from this new address, contaminating their transaction history. Unsuspecting victims might then accidentally use this similar-looking address for future transactions, inadvertently sending their funds to the attacker.
Recent High-Profile Attacks
A notable incident occurred on Nov. 30, involving the real-world asset lending protocol Florence Finance, which lost $1.45 million in USDC to such an attack. Blockchain security firm PeckShield reported how both the poisoned and real addresses shared similar beginning and ending characters, facilitating the scam.
Exploiting Ethereum’s ‘Create2’
Scam Sniffer also highlighted that hackers have been exploiting Ethereum’s ‘Create2’ Solidity function, which allows for the pre-calculation of contract addresses. This enables the creation of similar wallet addresses that are deployed after victims authorize a bogus transfer request. In the past six months, this technique has been a part of schemes leading to the theft of around $60 million from nearly 100,000 victims.
The security team at SlowMist reported that a group has been actively using Create2 since August, stealing nearly $3 million from 11 victims. The largest single theft amounted to $1.6 million. This continuous exploitation underlines the growing need for enhanced security measures in the blockchain and crypto space.
Cointelegraph has reached out to Safe Wallet for comments on these recent developments, awaiting their response to this escalating security crisis in the crypto world.