A Prolific Crypto Thief Steals Over $2 Million from Safe Wallet Users
In the past week, a crypto thief using a technique called “address poisoning” has managed to siphon over $2 million from Safe Wallet users. This brings the total amount stolen to approximately $5 million from 21 victims over the past four months. The attacker creates wallet addresses that look similar to the targeted user’s actual wallet, tricking them into sending funds to the wrong address.
How Address Poisoning Works
The attacker uses Ethereum’s Create2 function to predict what new addresses will look like. They then send small token deposits from a fake address to the victim’s wallet, making it appear legitimate. Users mistakenly copy the fraudulent address and send larger sums of money to the scammer’s wallet instead of the intended recipient.
$2 Million Stolen in Recent Attacks
During Thanksgiving week, at least ten Safe Wallet users fell victim to address poisoning attacks. One user with over $10 million in assets on their wallet misdirected $400,000 to the hacker. In total, $2.05 million was stolen from Safe Wallet victims. The same attacker also stole $1.45 million from Florence Finance using similar techniques.
Address poisoning attacks highlight the importance of verifying full addresses before signing transactions. Users should triple-check recipient addresses and enable multi-factor authentication for added security.
Hot Take: Staying Vigilant Against Address Poisoning Attacks
As crypto platforms shorten addresses for clarity and asset transfers become more time-sensitive, address poisoning is becoming a credible threat. To protect yourself, always verify recipient addresses and consider using hardware wallets with affirmation prompts. For decentralized apps and protocols, additional measures such as warning prompts for never-transacted addresses and strict anomaly detection can help counter address spoofing risks. Until better standard protections are in place, it’s crucial to stay vigilant and avoid any lapses in judgment when it comes to crypto transactions.
By
By
By
By
