Recently, hackers have used the Ethereum network’s CREATE2 opcode to bypass wallet security alarms in certain wallets. Using Create2’s pre-calculation feature, the Drainers can produce unique addresses for every malicious signature. After the victim signs the malicious signature, these addresses are deployed.
Source: GBHackers