Safe Wallet scammer steals $2M through 'tackle poisoning' in one week

0

A crypto hacker specializing in “tackle poisoning assaults” has managed to steal over $2 million from Safe Wallet customers alone in the previous week, with its complete sufferer depend now reaching 21. 

On Dec. 3, Web3 rip-off detection platform Scam Sniffer reported that round ten Safe Wallets misplaced $2.05 million to address poisoning attacks since Nov. 26.

According to Dune Analytics information compiled by Scam Sniffer, the identical attacker has reportedly stolen at the least $5 million from round 21 victims in the previous 4 months.

Scam Sniffer, reported that one of the victims even held $10 million in crypto in a Safe Wallet, however “fortunately” solely misplaced $400,000 of it. 

Address poisoning is when an attacker creates a similar-looking tackle to the one a focused sufferer often sends funds to — often utilizing the identical starting and ending characters.

The hacker usually sends a small quantity of crypto from the newly-created pockets to the goal to “poison” their transaction historical past. An unwitting sufferer may then mistakingly copy the look-alike tackle from transaction historical past and ship funds to the hacker’s pockets as a substitute of the meant vacation spot.

Cointelegraph has reached out to Safe Wallet for touch upon the matter.

A current high-profile tackle poisoning assault seemingly carried out by the identical attacker occurred on Nov. 30 when real-world asset lending protocol Florence Finance misplaced $1.45 million in USDC.

At the time, blockchain safety agency PeckShield, which reported the incident, confirmed how the attacker could have been in a position to trick the protocol, with each the poison and actual tackle starting with “0xB087” and ending with “5870.”

In November, Scam Sniffer reported that hackers have been abusing Ethereum’s ‘Create2’ Solidity operate to bypass pockets safety alerts. This has led to Wallet Drainers stealing round $60 million from nearly 100,000 victims over six months, it famous. Address poisoning has been one of the strategies they used to build up their ill-gotten features.

Related: What are address poisoning attacks in crypto and how to avoid them?

Create2 pre-calculates contract addresses, enabling malicious actors to generate new related pockets addresses that are then deployed after the sufferer authorizes a bogus signature or switch request.

According to the safety group at SlowMist, a bunch has been utilizing Create2 since August to “continuously steal nearly $3 million in assets from 11 victims, with one victim losing up to $1.6 million.”

Magazine: Should crypto projects ever negotiate with hackers? Probably