Hackers targeting the Ethereum blockchain have managed to scam nearly 100,000 individuals out of $60 million over the last six months using a feature that allows them to predict and create temporary addresses for transactions. This malicious scheme, known as “address poisoning,” leverages the Create2 function to dupe victims into sending money to lookalike addresses.

The attackers exploit the fact that most users only check the first and last few characters of an address, rather than the entire string, making it easier for scammers to create addresses that appear legitimate. Additionally, they bypass the second security measure of sending a test transaction by forwarding it to the actual address, thereby avoiding detection.

This fraudulent activity has resulted in significant losses for victims, with one individual reportedly losing up to $1.6 million.

As a result, users are being urged to thoroughly scrutinize the entire address before sending any funds, in order to protect themselves from falling victim to this scam.

The alarming findings are detailed in a new report by Scam Sniffer, shedding light on the sophisticated tactics employed by hackers to exploit vulnerabilities in the Ethereum network.

For more detailed information, click here.