Ethereum Create2 Function Abused To Bypass Security And Steal Cryptocurrency

Malicious actors exploit Ethereum's 'Create2' function to evade wallet security alerts and compromise cryptocurrency addresses, resulting in a theft of $60 million from 99,000 individuals over six months. 'Scam Sniffer,' Web3 anti-scam specialists, documented instances of this abuse, with individual losses reaching up to $1.6 million. Create2, an Ethereum opcode introduced in the 'Constantinople' upgrade, allows the pre-calculation of smart contract addresses before deployment. While providing powerful tools for developers, Create2 also introduces security risks and new attack vectors. Read more...