create2

GoPlus releases alert on "new type of predictive address attack": attackers exploit create2 feature to launch attacks for arbitrage

ChainCatcher news, according to official sources, security company GoPlus has issued an alert about a "new type of predicted address attack." It is reported that attackers exploit the characteristics of create2 to pre-calculate the blank address where the contract will be deployed, then deceive users into granting authorization. Since the blank address can bypass the security company's black address marking and security monitoring, once users authorize, the attackers will deploy the contract at this address and transfer the users' assets.

In addition, this attack has the following characteristics: Create2 is a deployment method that can predict the generated contract address, allowing attackers to first deceive users into granting authorization and then deploy the contract. Since the contract is not deployed at the time of authorization, the attack address is an empty EOA address, so it will not be recorded by any detection tools, making it highly covert.

GoPlus reminds users to be vigilant against phishing attacks from the source, to memorize commonly used protocol URLs or use browser bookmarks to manage official websites. Additionally, carefully check whether the authorized object is a blank (EOA) address during signature authorization, as there may be significant risks.

Scam Sniffer: Wallet Drainer has stolen approximately 60 million dollars in the past six months using Create2 phishing techniques

ChainCatcher news, Scam Sniffer posted on social media stating that Wallet Drainer abuses Create2 to bypass security alerts in certain wallets by generating a new address for each malicious signature.

It is understood that the CREATE2 opcode allows users to predict the address of a contract before it is deployed to the Ethereum network. Uniswap uses CREATE2 to create Pair contracts. Using Create2, a drainer can easily generate a temporary new address for each malicious signature. After the victim signs, the drainer creates a contract at that address and transfers the user's assets. The motivation is to bypass wallet security checks.

In the past six months, such drainers have stolen nearly $60 million from about 99,000 victims. Since August, an organization has used the same technique in Address Poisoning, continuously stealing nearly $3 million in assets from 11 victims, with one victim losing as much as $1.6 million.

Yuxian, the founder of SlowMist, stated: "This phishing technique is feasible, using Create2 to pre-create funding receiving addresses (which will only be created once the phishing is successful, and it is a contract address; otherwise, this address has nothing), thus bypassing many wallet security detection mechanisms. Let's see which wallets can keep up and enhance their security in time."
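The check GoPlus recommends in the first item, and the wallet-side gap described in the second, can be sketched as a pre-signature review step. This is an added example, not code from GoPlus, Scam Sniffer or any wallet: it decodes standard approval calldata and warns when the spender has no deployed code. The addresses, the `SAMPLE_CODE` table (standing in for `eth_getCode` results) and all function names are constructed for illustration.

```python
# Added example: flag token approvals whose spender has no deployed code.
# Selectors are the standard ERC-20 / ERC-721 approval functions.
APPROVAL_SELECTORS = {
    "095ea7b3": "approve(address,uint256)",
    "39509351": "increaseAllowance(address,uint256)",
    "a22cb465": "setApprovalForAll(address,bool)",
}

def strip0x(h):
    h = h.lower()
    return h[2:] if h.startswith("0x") else h

def decode_approval(calldata_hex):
    """Return (signature, spender, value), or None if this is not an approval."""
    data = strip0x(calldata_hex)
    sig = APPROVAL_SELECTORS.get(data[:8])
    if sig is None or len(data) < 8 + 128:
        return None
    arg0, arg1 = data[8:72], data[72:136]
    if arg0[:24] != "0" * 24:      # an ABI address is left-padded to 32 bytes
        return None
    return sig, "0x" + arg0[24:], int(arg1, 16)

def review_approval(calldata_hex, get_code):
    """get_code(address) -> hex bytecode, as returned by eth_getCode."""
    decoded = decode_approval(calldata_hex)
    if decoded is None:
        return {"approval": False, "warn": False}
    sig, spender, value = decoded
    blank = strip0x(get_code(spender)) == ""   # nothing deployed (yet)
    return {"approval": True, "call": sig, "spender": spender,
            "value": value, "warn": blank}

def build_call(selector, spender, value):
    """Constructed-sample helper: ABI-encode selector(address,uint256)."""
    return "0x" + selector + strip0x(spender).rjust(64, "0") + format(value, "064x")

# Constructed sample state standing in for eth_getCode results.
ROUTER = "0x" + "11" * 20          # hypothetical deployed contract
BLANK = "0x" + "22" * 20           # hypothetical address with no code
SAMPLE_CODE = {ROUTER: "0x6080604052", BLANK: "0x"}

def sample_get_code(address):
    return SAMPLE_CODE.get(address.lower(), "0x")

if __name__ == "__main__":
    for spender in (ROUTER, BLANK):
        print(review_approval(build_call("095ea7b3", spender, 2**256 - 1), sample_get_code))
```

An address with no code can also be an ordinary wallet, so the flag is a prompt for closer review of the approval rather than a verdict.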