Ethereum’s CREATE2: A Double-Edged Sword in Blockchain Security

March 18, 2024, 1:05 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

By Oded Vanunu, Dikla Barda, Roman Zaikin

Ethereum’s CREATE2 function is being exploited by attackers to compromise the security of digital wallets, bypassing traditional security measures and facilitating unauthorized access to funds.

The attack method involves tricking users into approving transactions for smart contracts that haven’t been deployed yet, allowing cybercriminals to later deploy malicious contracts and steal cryptocurrencies.

This vulnerability highlights the need for enhanced security measures in wallet security products to adapt to the evolving tactics of cybercriminals, …

access attack attackers blockchain bypassing compromise contracts cybercriminals digital digital wallets ethereum exploited function funds security security measures smart smart contracts transactions unauthorized unauthorized access wallets

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

US advances on cyber goals amid rapidly changing threat environment, White House says 3 minutes ago | malware.news

address attacks challenges changing +18

Dozens of organizations worldwide claimed to be compromised by LockBit an hour ago | malware.news

article claim compromised cybernews +14

Ransomware attack disrupts Kansas city an hour ago | malware.news

article attack bleepingcomputer city +15

Widespread RCE compromise likely with critical TinyProxy bug an hour ago | malware.news

article attacks bug code +23

MedStar breach impacts 183K patients an hour ago | malware.news

article breach compromised cybernews +12

Shortcomings of updated US critical infrastructure defense policy evaluated an hour ago | malware.news

administration article biden biden administration +25

Cybersecurity qualms increased by AI an hour ago | malware.news

advanced article artificial artificial intelligence +14

Enhancing SOC security: Introducing Pure Signal™ Scout Insight 2 hours ago | malware.news

alert alert fatigue analysis analyst +24

Sonatype Lifecycle best practices: Reference policies, backup and restore 2 hours ago | malware.news

article backup backup and restore best practices +25

Product Regulatory Compliance Specialist

@ Avery Dennison | Oegstgeest, Netherlands

View on infosec-jobs.com

Cyber Security Analyst

@ FinClear | Melbourne, Australia

View on infosec-jobs.com

Senior Application Security Manager, United States-(Virtual)

@ Stanley Black & Decker | New Britain CT USA - 1000 Stanley Dr

View on infosec-jobs.com

Vice President - Information Security Management - FedRAMP

@ JPMorgan Chase & Co. | Chicago, IL, United States

View on infosec-jobs.com

Vice President, Threat Intelligence & AI

@ Arctic Wolf | Remote - Minnesota

View on infosec-jobs.com

Cybersecurity Analyst

@ Resource Management Concepts, Inc. | Dahlgren, Virginia, United States

View on infosec-jobs.com

View more jobs

all InfoSec news

Ethereum’s CREATE2: A Double-Edged Sword in Blockchain Security

Ethereum’s CREATE2 function is being exploited by attackers to compromise the security of digital wallets, bypassing traditional security measures and facilitating unauthorized access to funds.

The attack method involves tricking users into approving transactions for smart contracts that haven’t been deployed yet, allowing cybercriminals to later deploy malicious contracts and steal cryptocurrencies.

This vulnerability highlights the need for enhanced security measures in wallet security products to adapt to the evolving tactics of cybercriminals, …

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Jobs in InfoSec / Cybersecurity

Product Regulatory Compliance Specialist

Cyber Security Analyst

Senior Application Security Manager, United States-(Virtual)

Vice President - Information Security Management - FedRAMP

Vice President, Threat Intelligence & AI

Cybersecurity Analyst