According to a security warning released by GoPlusEco, attackers are using the "create2" function to pre-calculate the address where the contract will be deployed and then deceive users into granting permission. Because these blank addresses can bypass address tagging and security monitoring by security companies, once users grant permission, the attacker will deploy the contract to that address and transfer the user's assets out. The characteristics of this attack are:

1. "Create2" is a deployment method that allows for predictive creation of contract addresses, enabling attackers to deceive users into granting permission before deploying the contract.

2. Since the contract has not yet been deployed when authorization is granted, the attack address is an empty EOA (externally owned account) address, which is invisible to detection tools and highly concealed.

It is recommended to be vigilant against phishing attacks from the source, and it is crucial to remember to use commonly used protocol URLs or browser bookmark management for official websites. Additionally, carefully check whether the address authorized during the signature period is a blank (EOA) address, as this may pose significant risks.