In a concerning trend, hackers, specifically wallet drainers, have begun to leverage the CREATE2 opcode on the Ethereum network to sidestep security measures in select wallets. This development was revealed on Sunday via an X post by blockchain security company Scam Sniffer. 

Over $60 Million Lost To Hackers Via CREATE2 Exploit, Report Says

The CREATE2 opcode was designed to allow the prediction of a contract address before deployment. Most notably, it is used by prominent decentralized exchange Uniswap to facilitate the creation of pair contracts. 

However, using this feature, cybercriminals have found a way to bypass security checks in regard to investor wallets. Scam Sniffer explains that hackers use CREATE2 to effortlessly generate momentary new addresses, each with a malicious signature. 

When unsuspecting investors sign this crafted signature, the hackers deploy a contract at the predicted address and process an unauthorized transfer of assets. Using this technique, these bad actors have been able to operate undetected, siphoning large amounts of funds from innocent victims.

Speaking about a sample incident, Scam Sniffer explains how a victim lost $927,000 worth of GMX on Sunday after unknowingly authorizing a “signalTransfer” transaction that allowed hackers to withdraw these assets to a pre-computed contract address. 

In total, Scam Sniffer revealed that the main group of wallet drainers exploiting the CREATE2 feature has so far stolen $60 million from an estimated 99,000 victims in the last six months. 

Meanwhile, during a discussion with SlowMist, another prominent blockchain security firm, Scam Sniffer learned a separate group of hackers has been using the same technique in address poisoning.

Since August, findings reveal that this second group has stolen nearly $3 million worth of assets from 11 victims, of which $1.6 million belonged to a single victim. In wrapping up its report, Scam Sniffer reminds crypto users to stay on alert and verify every transaction, as the continuous cycle of detection and counter-detection in the crypto space will likely not end.

Beyond Hacks, Crypto Scams Remain A Peril

Just like hacks, crypto scams are also still considered a major source of concern for many investors. According to FootPrint x Boesin’s H1 2023 security report, scams resulted in a total asset loss of $184.17 million, accounting for 28% of losses recorded by investors in the first half of the year. 

Notably, Scam Sniffer has reported two major scam incidents over the last 48 hours in which both victims lost a combined $468, 000 worth of assets. These attacks only underscore the continuous need for enhanced security measures in the cryptocurrency ecosystem. 


Total crypto market valued at $1.382 trillion on the daily chart | Source: TOTAL chart on

Featured image from iStock, chart from Tradingview

6 thoughts on “Hackers Now Exploit New Feature To Bypass Security Alerts”
  1. Wow, awesome weblog format! How long have you been running a blog for?
    you make blogging look easy. The overall glance of your site
    is wonderful, as well as the content! You can see similar: dobry sklep and here sklep

  2. You actually make it appear so easy together with your presentation but I find this topic to be really
    one thing that I feel I would never understand. It seems too complex and extremely huge for me.

    I’m taking a look forward for your subsequent publish,
    I will try to get the hold of it! I saw similar here: sklep online and also here: sklep

  3. Hi there, just became aware of your blog through Google, and found that it is really informative.
    I am going to watch out for brussels. I’ll be grateful if you continue this in future.
    Numerous people will be benefited from your writing. Cheers!
    I saw similar here: E-commerce

  4. Hey! Do you know if they make any plugins to help with
    Search Engine Optimization? I’m trying to get my blog to rank for some targeted keywords but
    I’m not seeing very good gains. If you know of any please share.
    Many thanks! You can read similar text here:

Leave a Reply

Your email address will not be published. Required fields are marked *