Hacker Exploits Safe Wallet Users, Stealing Nearly $2 Million

A crypto hacker who used sophisticated “address poisoning attacks” on 21 people stole nearly $2 million from Safe Wallet users in the last week alone.

The malicious actor, identified by Scam Sniffer’s analysis of Dune Analytics, is said to have stolen $5 million from 21 victims over the last four months.

Between November 26 and December 3, approximately 10 Safe Wallet users were victims of address poisoning attacks, resulting in $2.05 million in losses. This represents a significant increase in the hacker’s activity.

According to Scam Sniffer’s investigation, the perpetrator of these attacks has targeted 21 victims in the last four months, extorting a total of $5 million. Despite having $10 million in crypto, one victim reportedly “luckily” lost $400,000.

Address-poisoning attacks involve the hacker creating an address with the same beginning and ending characters as the victim’s.

The hacker intends to “poison” the victim’s transaction history by sending a small amount of cryptocurrency from a newly created wallet.

If the victim copies the look-alike address by mistake, subsequent transfers may be directed to the hacker’s wallet rather than the intended recipient.

Notably, on November 30th, lending protocol Florence Finance was subjected to a significant address poisoning attack, resulting in a $1.45 million USDC loss. The attacker used addresses beginning with “0xB087” and ending with “5870,” indicating a consistent mode of operation.

The hacker’s ability to repeatedly exploit Safe Wallet users and carry out high-profile attacks highlights the ongoing threat that individuals and protocols in the crypto space face.