Ethereum Wallets Drained: Hackers Swipe $60 Million Using Sneaky Code

The world of cryptocurrency is facing a new threat as hackers employ a technique to steal funds from Ethereum wallets, making off with a staggering $60 million in just six months. ScumSniffer, an on-chain investigator, revealed the alarming trend where miscreants use a portion of the Create2 code, often employed by major protocols like Uniswap. This code is used to "predict" the contract address before deploying it on the network.

Create2 enables criminals to instantly generate temporary addresses to receive stolen funds. When a victim interacts with a compromised smart contract, they receive a notification requiring them to approve a signature. During this process, signature requests are often disguised. Once confirmed, all funds are siphoned off by the hackers.

The use of Create2 allows perpetrators to circumvent security warnings that typically alert users before signing. According to researchers, approximately 99,000 wallets have fallen victim to such manipulations in the last six months.

Furthermore, experts have identified a hacker group that, since August, has autonomously stolen $3 million using the Create2 method. This highlights the increasing sophistication and audacity of cybercriminals targeting the cryptocurrency space.

It's worth noting that, in October, the damage from hacking incidents decreased to $51 million, marking an 85.6% drop compared to the previous month. However, recent reports, such as analyst ZachXBT's revelation of a $27 million crypto wallet breach, underscore the ongoing challenges in securing digital assets.