According to Cointelegraph: A malicious actor has escalated attacks on Safe Wallet users over the last week, netting over $2 million via 'address poisoning' techniques. These activities have contributed to the attacker's illicit earnings, currently estimated to be at least $5 million from about 21 victims over the past four months.

As reported by Web3 scam detection platform Scam Sniffer on Dec. 3, approximately ten Safe Wallets lost $2.05 million to the address poisoning attacks from Nov. 26. The attacker also managed to siphon $400,000 from a wallet that held $10 million in crypto.

Address poisoning involves creating a look-alike address whose beginning and ending characters match those of an address the target regularly transacts with. The attacker then sends a small amount of crypto from the deceptive address to the target, 'poisoning' their transaction history. The victim may later copy the wrong address from their transaction logs, redirecting funds to the attacker's wallet.

In one instance of this attack attributed to the same actor, real-world asset lending protocol Florence Finance lost $1.45 million in USDC on Nov. 30. Both the 'poison' address and the actual address began with "0xB087" and ended with "5870."
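
The check below is an added example, not code from Scam Sniffer, Safe or the article: it flags a destination whose first and last four hex characters match a trusted address while the full 40 characters differ, which is the pattern described above. The function names and the full sample addresses are constructed for illustration; only the "0xB087" prefix and "5870" suffix come from the article.

```python
# Added example: flag look-alike ("poisoned") addresses before sending funds.
# All full addresses below are constructed samples, not real wallets.
import re

ADDR_RE = re.compile(r"^0x[0-9a-fA-F]{40}$")


def normalize(addr):
    """Validate the shape and lowercase, so mixed-case checksums compare equal."""
    if not ADDR_RE.match(addr):
        raise ValueError(f"not a 20-byte hex address: {addr!r}")
    return addr.lower()[2:]


def lookalike_of(candidate, trusted, n=4):
    """Return the trusted address that `candidate` imitates, or None.

    A candidate is a look-alike when its first and last `n` hex characters
    match a trusted address but the full 40 characters do not.
    """
    c = normalize(candidate)
    for t in trusted:
        tn = normalize(t)
        if c != tn and c[:n] == tn[:n] and c[-n:] == tn[-n:]:
            return t
    return None


def check_destination(candidate, trusted, n=4):
    """Classify a destination as 'trusted', 'lookalike' or 'unknown'."""
    c = normalize(candidate)
    if any(c == normalize(t) for t in trusted):
        return "trusted"
    return "lookalike" if lookalike_of(candidate, trusted, n) else "unknown"


# Constructed samples that share the 0xB087...5870 shape quoted in the article.
REAL = "0xB087" + "1a2b3c4d" * 4 + "5870"
POISON = "0xb087" + "9f8e7d6c" * 4 + "5870"
OTHER = "0x" + "ab" * 20

if __name__ == "__main__":
    for addr in (REAL, POISON, OTHER):
        print(addr, "->", check_destination(addr, [REAL]))
```

A wallet or treasury script would run `check_destination` against its address book before signing and refuse or escalate on `lookalike`, since comparing only the visible ends of an address is exactly what the poisoned entry is built to pass.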

In November, Scam Sniffer revealed that hackers were exploiting Ethereum’s 'Create2' Solidity function to circumvent wallet security warnings, aiding in thefts amounting to around $60 million from almost 100,000 victims in six months. The Create2 function allows cybercriminals to pre-calculate contract addresses, which are later unveiled once the victim approves a fraudulent signature or transfer request. A group has reportedly stolen nearly $3 million from 11 victims since August using this technique.