Hacker Withdraws Over 2 Million USD From Safe Wallet – What’s Going On?
A hacker stole over 2 million USD from Safe Wallet users through address theft last week, bringing the total number of victims to 21.
Multiple blockchain security companies have detected suspicious activity in various transactions, resulting in Safe Wallet losses totaling 2 million USD.
On December 3, cryptocurrency fraud detection platform Scam Sniffer wrote on X (formerly Twitter) that about 20 wallets lost 2.05 million USD to address poisoning attacks in the last week, adding that the same attacker drained 5 million USD from 21 users in the last four months.
about ~10 Safe wallets have lost $2.05 million to "address poisoning" attacks in the past week.
the same attacker has stolen $5 million from ~21 victims in the past four months so far. pic.twitter.com/fu4kxaI3py
— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) December 3, 2023
Dune Analytics also reported on Scam Sniffer's findings, listing the affected wallets and the time span of the stolen assets and citing address poisoning as the cause.
Address poisoning is an old tactic used by bad actors to trick users into sending assets to the wrong wallets. A hacker creates an almost identical address, which usually has the same starting and ending characters.
The scammer then “poisons” the transaction history by regularly sending similar amounts of funds to the target wallet, in order to trick the victim into copying the scammer’s wallet address from the transaction history and sending new funds to it.
Florence Finance saga
Last week, Scam Sniffer reported on another case of address poisoning in which a fraudster stole assets worth 1.5 million USD. It is reported that Florence Finance transferred the funds from Safe Wallet to the address that contaminated the transfer history.
In a calculated move, the malicious actor used a poisoning address generated with create2 and, after taking possession of the assets, converted them to DAI to avoid having them frozen.
This type of incident has occurred before, as Scam Sniffer reported that SlowMist conducted a similar transaction with create3, resulting in the loss of 1.66 million USD in assets.
According to the blockchain security company, the transaction history UI shows that the last four digits of wallet addresses are closely related, causing the victim to copy the address.
It was also noted that one particular user was quite lucky as the wallet had total assets of 10 million USD, but only 400,000 USD was lost due to address poisoning.
Hacker Withdraws Over 2 Million USD: Users need to be extra careful to change the course of things
In recent years, there has been a sharp increase in cryptocurrency scams, resulting in millions in losses, weakened investor confidence, and increased regulatory scrutiny.
While hackers use a variety of tactics to drain virtual asset platforms, some incidents can be prevented or reduced with appropriate monitoring and additional controls by the platform and users.
Platforms can send a reminder every time a transfer is made to a new wallet, while users should rely on something other than transaction history and always cross-check.
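The cross-check described above, as an added example that is not from the article or from any wallet's code: it warns on a transfer to a new wallet and flags a destination that shares the visible start or end characters of a saved address, which is the poisoning pattern. The addresses are constructed, and the function names and the four-character display width are assumptions.

```python
import re

# Constructed address book; none of these addresses come from the article.
KNOWN = [
    "0xab12" + "0" * 32 + "cd34",
    "0x" + "11" * 20,
]

ADDR_RE = re.compile(r"^0x[0-9a-fA-F]{40}$")


def normalize(addr):
    """Return the 40 hex characters of a 0x-prefixed address, lower-cased."""
    addr = addr.strip()
    if not ADDR_RE.match(addr):
        raise ValueError(f"not a 20-byte hex address: {addr!r}")
    return addr[2:].lower()


def check_recipient(dest, known, shown=4):
    """Classify a destination before funds are sent.

    Returns ("known", address), ("lookalike", imitated_address) or
    ("new", None). `shown` is the number of leading and trailing hex
    characters a truncated history view displays (assumed to be 4).
    """
    d = normalize(dest)
    book = [normalize(k) for k in known]
    # Only a full-length, case-insensitive match counts as a saved recipient.
    if d in book:
        return ("known", "0x" + d)
    for k in book:
        same_head = d[:shown] == k[:shown]
        same_tail = d[-shown:] == k[-shown:]
        # Matching visible ends with a different middle is the poisoning
        # pattern: the address looks right in a truncated list but is not.
        if same_head or same_tail:
            return ("lookalike", "0x" + k)
    # Never seen before: the case where a platform should show a reminder.
    return ("new", None)


if __name__ == "__main__":
    for candidate in ("0xab12" + "f" * 32 + "cd34", "0x" + "22" * 20):
        print(candidate, check_recipient(candidate, KNOWN))
```

A "lookalike" result should block the transfer until the full address has been compared character by character against a source other than the transaction history.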