Scam Sniffer posted on X platform that Wallet Drainer abuses Create2 to bypass security alerts in certain wallets by generating a new address for each malicious signature. It is understood that the CREATE2 opcode allows users to predict the address of a contract before it is deployed to the Ethereum network. Uniswap uses CREATE2 to create Pair contracts. Using Create2, Drainer can easily generate temporary new addresses for each malicious signature. After the victim signs the signature, the Drainer creates a contract at that address and transfers the user's assets. The motivation is to bypass wallet security checks. In the past six months, Drainers of this type have stolen nearly $60 million from approximately 99,000 victims. Since August, an organization has used the same technique in Address Poisoning to steal assets worth nearly $3 million from 11 victims, with one victim losing as much as $1.6 million. Yuan Cos, founder of SlowMist, commented: "This phishing trick is clever. Using Create2 to pre-create the funding receiving address (which is a contract address that does nothing until the phishing is successful), this can bypass many wallet security checks. Let's see which wallets can keep up and enhance their security measures in time."
All Comments