Safe Wallet Targeted, Over $2M Stolen By Hacker

An anonymous hacker embezzled over $2 million from Safe Wallet wallets yesterday, using a perfidious address poisoning technique to siphon funds from more than 10 users. This type of hacking has already affected more than twenty victims in 4 months, resulting in losses exceeding $5 million.

Hacker embezzles over $2 million from Safe Wallet

On December 3, the crypto scam detection platform Scam Sniffer reported that about 20 wallets of Safe Wallet have been targeted via address poisoning attacks, totaling 2.05 million in losses. The same hacker is said to have been responsible for the embezzlement of $5 million belonging to 21 users over the last 4 months.

Address poisoning consists in creating an almost identical address, differing only by a few characters. The hacker then regularly sends small sums of money to this false address. The transaction history is thus “contaminated”, prompting victims to copy this fraudulent address mistakenly.

Scam Sniffer also reported another case of poisoning last week, where a malefactor stole $1.5 million in assets Safe Wallet after contaminating the transfer history with an address linked to Florence Finance. To avoid freezing the stolen funds, the hacker quickly converted them into DAI stablecoins.

According to the cybersecurity company Sniffer, this ploy by hacking is not isolated. SlowMist had indeed shared a similar transaction with asset losses amounting to $1.66 million.

An elaborate ruse to abuse vigilance

These incidents are part of a worrying trend of cryptocurrency scams that have siphoned off staggering sums. Although fraudsters’ schemes are becoming ever more complex, some thefts could have been avoided by tightening control measures.

The misleading interface encourages users to copy the fraudulent address, as it differs only in the last 4 digits. One lucky user even got away with only $400,000 out of $10 million held.

To solve this problem, platforms could set up notifications for each transfer to a new wallet. Users should always meticulously validate addresses before transferring, and not rely solely on transaction history, which is easy to manipulate.

In addition, coordination between regulators, exchange platforms and blockchain players is essential to trace and freeze stolen funds, with the aim of returning them to victims and deterring such schemes.

While the potential of cryptos is undeniable, their widespread adoption requires their security to be considerably strengthened. Users need to be extremely cautious, while the industry needs to put in place safeguards to counter the growing ingenuity of fraudsters. Investor confidence and the future of blockchain depend on it. If you’d like to test another wallet, don’t hesitate to try out the one from our partner D’Cent!