Accéder au contenu principal

Hackers Now Exploit New Feature To Bypass Security Alerts

In a concerning trend, hackers, specifically wallet drainers, have begun to leverage the CREATE2 opcode on the Ethereum network to sidestep security measures in select wallets. This development was revealed on Sunday via an X post by blockchain security company Scam Sniffer. 

Over $60 Million Lost To Hackers Via CREATE2 Exploit, Report Says

The CREATE2 opcode was designed to allow the prediction of a contract address before deployment. Most notably, it is used by prominent decentralized exchange Uniswap to facilitate the creation of pair contracts. 

However, using this feature, cybercriminals have found a way to bypass security checks in regard to investor wallets. Scam Sniffer explains that hackers use CREATE2 to effortlessly generate momentary new addresses, each with a malicious signature. 

When unsuspecting investors sign this crafted signature, the hackers deploy a contract at the predicted address and process an unauthorized transfer of assets. Using this technique, these bad actors have been able to operate undetected, siphoning large amounts of funds from innocent victims.

Speaking about a sample incident, Scam Sniffer explains how a victim lost $927,000 worth of GMX on Sunday after unknowingly authorizing a “signalTransfer” transaction that allowed hackers to withdraw these assets to a pre-computed contract address. 

In total, Scam Sniffer revealed that the main group of wallet drainers exploiting the CREATE2 feature has so far stolen $60 million from an estimated 99,000 victims in the last six months. 

Meanwhile, during a discussion with SlowMist, another prominent blockchain security firm, Scam Sniffer learned a separate group of hackers has been using the same technique in address poisoning.

Since August, findings reveal that this second group has stolen nearly $3 million worth of assets from 11 victims, of which $1.6 million belonged to a single victim. In wrapping up its report, Scam Sniffer reminds crypto users to stay on alert and verify every transaction, as the continuous cycle of detection and counter-detection in the crypto space will likely not end.

Beyond Hacks, Crypto Scams Remain A Peril

Just like hacks, crypto scams are also still considered a major source of concern for many investors. According to FootPrint x Boesin’s H1 2023 security report, scams resulted in a total asset loss of $184.17 million, accounting for 28% of losses recorded by investors in the first half of the year. 

Notably, Scam Sniffer has reported two major scam incidents over the last 48 hours in which both victims lost a combined $468, 000 worth of assets. These attacks only underscore the continuous need for enhanced security measures in the cryptocurrency ecosystem. 

Total crypto market valued at $1.382 trillion on the daily chart | Source: TOTAL chart on Tradingview.com

Featured image from iStock, chart from Tradingview




Source link

The post Hackers Now Exploit New Feature To Bypass Security Alerts appeared first on Job From Home Blog.

Libellés :

Commentaires

Enregistrer un commentaire

Posts les plus consultés de ce blog

Hong Kong SFC Raises Alert Over MEXC Imposter

The Hong Kong Securities and Futures Commission (SFC) has issued an alert on a suspected fraudulent platform impersonating the presence and operations of a popular cryptocurrency exchange MEXC. This development comes from a joint operation between the Hong Kong regulator and the local police force aimed at uncovering illicit activities of virtual asset trading platforms (VATPs). SFC Warns Hong Kong Citizens Of Fraudulent Trading Platform According to an announcement on February 9, the SFC is warning crypto enthusiasts and investors of an ambiguous trading platform that operates under the name “MEXC.” In a joint investigation with the Hong Kong police, the securities market regulator discovered that “MEXC” has lured several investors into becoming members of group chats in which it claimed to offer “free investment advice.” Through this medium, “MEXC” was able to direct unsuspecting investors into depositing funds through fraudulent websites in order to purchase cryptocurrencies. Th...
Enregistrer un commentaire
Lire la suite

What’s In Store For Bitcoin With 85% Of Holders In Profit

Amidst a renewed wave of optimism sweeping through the broader cryptocurrency landscape, the resurgence of Bitcoin (BTC) to the pivotal $37,500 price threshold has become a catalyst for positive shifts. At present, a staggering 85% of Bitcoin holders find themselves in a profitable position, a testament to the resilience and potential of the leading cryptocurrency. Encouragingly, key indicators hint at the likelihood of this percentage expanding in tandem with Bitcoin’s upward trajectory. Making Money With Bitcoin As the market plummeted from its all-time high in November 2021, the amount of Bitcoin supply in profit has reportedly hit levels last observed two years ago, according to Glassnode. The analytics service also stated that the amount of unrealized profit contained in these currencies is still very small. Based on the latest figures from blockchain analytics website IntoTheBlock, some 85% of Bitcoin holders are profitable at the current price of the first cryptocurrency,...
Enregistrer un commentaire
Lire la suite

Instagram Is Experimenting With an Option To Add Files to DMs

What if you could send files in your IG DMs? That may soon be an option, with app researcher Alessandro Paluzzi uncovering this process in the back-end data of the app. As you can see in this example, Instagram’s experimenting with a new option that would let you add files to your messages as attachments. Which is not overly surprising. You can already send documents within WhatsApp , and on Messenger (in limited capacity), and with Meta still working to integrate all of its messaging platforms into a single system , it makes sense that it would also need to replicate the functionality of each, to ensure full parity. So, basically, every function within Messenger, IG Direct and/or WhatsApp will eventually be available in each other app, as that will then enable Meta to link them all together into a singular messaging system. As such, I do think this is coming, and is more than just an experiment, which will provide expanded functionality within your IG DMs, and could be handy...
Enregistrer un commentaire
Lire la suite