MetaMask Denies $10 Million Wallet Hack Was MetaMask Exploit

fiverr
MetaMask Deny Wallet Draining is Due to Exploit
Coinbase



Self-custodial MetaMask has denied claims by Taylor Monahan of MyCrypto that a recent multiple-wallet hack was a MetaMask-specific exploit.

According to the wallet provider, an attacker withdrew 5,000 Ethereum (ETH), worth about $10 million, from different addresses across 11 blockchains rather than only from MetaMask users.

MyCrypto CEO Retracts, Says Attack Vector Not Obvious

It confirmed that its security team was working with other affected wallet providers to determine the source of the attack.

MetaMask’s response follows a Twitter thread by Taylor Monahan claiming that an attacker stole funds through a MetaMask-specific exploit that affected long-standing users and MetaMask employees. 

Minergate

Monahan, the CEO and co-founder of MyCrypto claimed to have unearthed a months-long 5,000 ETH exploit. The founder alleged that the attacker was “sending” smaller “txns [transactions] via MetaMask,” draining crypto from long-time users and employees. She clarified later in the thread that the exploit was not specific to the platform.

Monahan also confirmed that the hack also affected users of Ledger Live, MyCrypto, Trust, and Exodus wallets. She speculated earlier that the attack originated from a data leak.

Crypto wallets are software applications holding special strings called keys used to transfer crypto without an intermediary. MetaMask allows a user to hold and transfer ETH or any ETH-based token.

Blockchain security specialist SlowMist’s founder said that the keys may have been part of a larger data breach and only discovered later to be crypto keys.

On April 14, the wallet’s developer ConsenSys confirmed a data breach affecting over 7,000 users. 

Hackers gained unauthorized access to a MetaMask customer service provider who sent phishing emails to users who contacted the service provider between August 2021 and February 2023.

The scam emails requested that users update their Know-Your-Customer information, resulting in economic losses for three customers. ConsenSys later confirmed that MetaMask itself was safe to use.

Before that, scammers sent unsolicited emails to users through compromised Namecheap email providers. The scam asked users for their secret recovery phrase, a string of words users need to recover their private keys.

For Be[In]Crypto’s latest Bitcoin (BTC) analysis, click here.

Disclaimer

In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content.



Source link

Coinbase

Be the first to comment

Leave a Reply