Wallet Drainers abuse Create2 to bypass security alerts in some wallets by generating new addresses for each malicious signature. Since August 10, a group has used the same technique in address poisoning to steal $3 million. Today a user lost $927,000 worth of GMX after signing a "signalTransfer (address recipient)" transaction on Arbitrum to the GMX Reward Router. This method gives the "recipient" permission to withdraw his or her LP tokens. . The recipient 0xbD2BF58Be46619B7A22cE9457e1D51A10B82EB91 is a pre-calculated contract address, which was created when Drainer transferred the asset.