Scam Sniffer: Wallet Drainer has stolen approximately 60 million dollars in the past six months using Create2 phishing techniques
According to ChainCatcher, Scam Sniffer posted on social media that Wallet Drainer abuses CREATE2 to bypass security alerts in certain wallets by generating a new address for each malicious signature.
The CREATE2 opcode allows users to predict the address of a contract before it is deployed to the Ethereum network. Uniswap uses CREATE2 to create Pair contracts.
Using CREATE2, a drainer can easily generate a temporary new address for each malicious signature. After the victim signs, the drainer creates a contract at that address and transfers the user's assets. The motivation is to bypass wallet security checks.
In the past six months, such drainers have stolen nearly $60 million from about 99,000 victims. Since August, an organization has used the same technique in Address Poisoning, continuously stealing nearly $3 million in assets from 11 victims, with one victim losing as much as $1.6 million.
Yuxian, the founder of SlowMist, stated: "This phishing technique is feasible, using Create2 to pre-create funding receiving addresses (which will only be created once the phishing is successful, and it is a contract address; otherwise, this address has nothing), thus bypassing many wallet security detection mechanisms. Let's see which wallets can keep up and enhance their security in time."