Accéder au contenu principal

Hackers Now Exploit New Feature To Bypass Security Alerts

In a concerning trend, hackers, specifically wallet drainers, have begun to leverage the CREATE2 opcode on the Ethereum network to sidestep security measures in select wallets. This development was revealed on Sunday via an X post by blockchain security company Scam Sniffer. 

Over $60 Million Lost To Hackers Via CREATE2 Exploit, Report Says

The CREATE2 opcode was designed to allow the prediction of a contract address before deployment. Most notably, it is used by prominent decentralized exchange Uniswap to facilitate the creation of pair contracts. 

However, using this feature, cybercriminals have found a way to bypass security checks in regard to investor wallets. Scam Sniffer explains that hackers use CREATE2 to effortlessly generate momentary new addresses, each with a malicious signature. 

When unsuspecting investors sign this crafted signature, the hackers deploy a contract at the predicted address and process an unauthorized transfer of assets. Using this technique, these bad actors have been able to operate undetected, siphoning large amounts of funds from innocent victims.

Speaking about a sample incident, Scam Sniffer explains how a victim lost $927,000 worth of GMX on Sunday after unknowingly authorizing a “signalTransfer” transaction that allowed hackers to withdraw these assets to a pre-computed contract address. 

In total, Scam Sniffer revealed that the main group of wallet drainers exploiting the CREATE2 feature has so far stolen $60 million from an estimated 99,000 victims in the last six months. 

Meanwhile, during a discussion with SlowMist, another prominent blockchain security firm, Scam Sniffer learned a separate group of hackers has been using the same technique in address poisoning.

Since August, findings reveal that this second group has stolen nearly $3 million worth of assets from 11 victims, of which $1.6 million belonged to a single victim. In wrapping up its report, Scam Sniffer reminds crypto users to stay on alert and verify every transaction, as the continuous cycle of detection and counter-detection in the crypto space will likely not end.

Beyond Hacks, Crypto Scams Remain A Peril

Just like hacks, crypto scams are also still considered a major source of concern for many investors. According to FootPrint x Boesin’s H1 2023 security report, scams resulted in a total asset loss of $184.17 million, accounting for 28% of losses recorded by investors in the first half of the year. 

Notably, Scam Sniffer has reported two major scam incidents over the last 48 hours in which both victims lost a combined $468, 000 worth of assets. These attacks only underscore the continuous need for enhanced security measures in the cryptocurrency ecosystem. 

Total crypto market valued at $1.382 trillion on the daily chart | Source: TOTAL chart on Tradingview.com

Featured image from iStock, chart from Tradingview




Source link

The post Hackers Now Exploit New Feature To Bypass Security Alerts appeared first on Job From Home Blog.

Commentaires

Posts les plus consultés de ce blog

15 Profitable Ideas for 2023

If you’ve honed your photography skills and learned how to take high-quality photos, you may be wondering how to make money from photography. While your photography passion could just stay a hobby, if you have a keen eye for taking a great shot, you can cash in and enjoy a new income stream. Whether you’re an aspiring photographer just starting out or a professional photographer looking to bump up your earnings, this article is going to review different ways to make money from your talents online and offline. How to Make Money from Photography Online Read on to learn how to make money from your photography talents in the online marketplace. 1. Photography Blog A top way to make money with photography is to start your own website. Once you’ve learned how to start a blog , you need to create content regularly and promote your articles on social media. As traffic levels start to increase, you can monetize your site with adverts and affiliate marketing partnerships. A few ideas ...

Jojobet (464)

Jojobet bahis adresi ua – En Güvenilir Bahis Sitesi 2021 Jojobet bahis adresi ua – En Güvenilir Bahis Sitesi 2021 Geri dönüşü yüksek bir heyecana hazır olun! Heybetli rekabet atmosferinde keyifli bir oyun deneyimi sunan öncü bir bahis platformuna hoş geldiniz. İnternetin en güvenilir ve güçlü adreslerinden biri olarak, size en üst düzey kalite standartlarına sahip online bahis fırsatlarını sunmaktan gurur duyuyoruz. Bahis ve şans oyunları tutkunlarının beklentilerini aşan kapsamlı hizmetlerimizle sizi unutulmaz bir yolculuğa çıkarmak için buradayız. Profesyonel ekibimiz, Türkiye’nin en donanımlı ihtiyaçlarına uygun olarak sürekli yenilenen bahis seçenekleriyle geniş bir kumarhane atmosferi ile etkileyici deneyimler sunar. Farklı spor dallarında eşsiz tahmin ve analiz araçlarıyla dolu olan platformumuz, kazandıran oranlarla sizden tam not alacaktır. En yeni teknolojik yazılım alt yapımız sayesinde, kesintisiz ve sorunsuz oyunculuk deneyiminin tadını çıkarabilirsiniz. Şansın, yetene...

$3 Million Stolen In ‘Kraken’ Crypto Con

The surge in online scams has drawn heightened regulatory attention towards the crypto industry. A recent case serves as a vivid reminder of the risks involved, where a Connecticut resident became a victim of a significant scam, losing more than $3 million to individuals falsely purporting to be associated with Kraken, a well-known cryptocurrency exchange. The victim, who remains unnamed, was based in Westport and followed advice to transfer funds out of a retirement account, intending to reinvest the money in an account supposedly linked to Kraken. However, their decision led to more than $3 million swiftly disappearing into crypto wallets they could not access. Recovery Of Stolen Crypto Funds Fortunately, the victim sought help from law enforcement, and local detectives, collaborating with the state’s Organized Crime Task Force, launched an investigation. This diligent effort enabled them to trace the transactions and freeze accounts involved in the scam. While they managed to r...