BleepingComputer reports that cryptocurrency assets worth $60 million have been stolen from 99,000 individuals in attacks leveraging Ethereum’s Create2 opcode, which enables smart contract creation on the blockchain, over a six-month period. Threat actors have exploited Create2 to establish new contract addresses meant to evade wallet security alerts and store stolen cryptocurrency assets, with one of the victims losing $927,000 worth of GMX after signing a contract that facilitated asset transfers to a pre-calculated address, according to a report from Scam Sniffer.
Source: SC Magazine