Share this article
Ethereum Wallet Drainer Steals $60M in Six Months
Hackers are using a piece of code called Create2 to bypass security alerts when users sign malicious signatures.
Updated Nov 13, 2023, 3:56 p.m. Published Nov 13, 2023, 3:56 p.m.
Hackers that stole more than $60 million worth of crypto in six months are using a piece of code to bypass security alerts after maliciously gaining access to private keys, according to on-chain sleuth ScamSniffer.
The wallet drainers are misusing Create2, a piece of code that is used by the likes of Uniswap to predict the address of a contract before it is deployed on the Ethereum network.
STORY CONTINUES BELOW
Don't miss another story.Subscribe to the Crypto Daybook Americas Newsletter today. See all newsletters
By misusing Create2, wallet drainers can instantly create temporary wallet addresses to receive funds after a user clicks on a malicious signature. When users send funds or interact with a smart contract, they will be prompted to "approve" a signature, hackers often disguise permissions within this signature to gain access to a user's wallet.
The use of Create2 bypasses security alerts that would typically warn a user before signing the signature.
Research from ScamSniffer and SlowMist estimates that $60 million has been stolen from around 99,000 victims in the past six-months.
One group has been using the Create2 code to steal $3 million from 11 victims since August.
Cryptocurrency-related hacks and exploits have become prevalent in recent months with exchange Poloniex losing $114 million in a hot wallet breach last week. Victims of the LastPass breach also lost $4.4 million in a single day in October.
More For You
What to know:
- As of October 2025, GoPlus has generated $4.7M in total revenue across its product lines. The GoPlus App is the primary revenue driver, contributing $2.5M (approx. 53%), followed by the SafeToken Protocol at $1.7M.
- GoPlus Intelligence's Token Security API averaged 717 million monthly calls year-to-date in 2025 , with a peak of nearly 1 billion calls in February 2025. Total blockchain-level requests, including transaction simulations, averaged an additional 350 million per month.
- Since its January 2025 launch , the $GPS token has registered over $5B in total spot volume and $10B in derivatives volume in 2025. Monthly spot volume peaked in March 2025 at over $1.1B , while derivatives volume peaked the same month at over $4B.
More For You
TradFi giant EquiLend backs Digital Prime to link $40 trillion pool with tokenized markets
The partnership will focus on Tokenet, Digital Prime's institutional lending network, and introduce new features like regulated stablecoin collateral.
What to know:
- EquiLend made a minority investment in Digital Prime Technologies, a regulated crypto financing provider, to expand into tokenized assets and digital markets.
- The relationship will focus on Tokenet, Digital Prime's institutional lending network, and introduce new features like regulated stablecoin collateral.
- The investment aims to provide continuity across asset classes, meeting institutions' growing demand for governance and transparency in digital markets.
Top Stories
