
Unknown MetaMask error costs users more than $10 million
Users of the non-custodial crypto wallet MetaMask lost over $10.5 million to an unknown exploit.
For the past 48hrs I’ve been unwinding a massive wallet draining operation
I don’t know how big it is but since Dec 2022 it’s drained 5000+ ETH and ??? in tokens / NFTs / coins across 11+ chains.
It’s rekt my friends & OGs who are reasonably secure.
No one knows how.
— Tay (@tayvano_) April 18, 2023
Taylor Monahan, the MetaMask developer, said that since December 2022 the attacker has used a bug to withdraw more than 5,000 ETH and an unknown amount of tokens from 11 different blockchains.
According to Monahan, no one on the team knows how the exploit works, so the exact extent of the damage cannot be determined.
According to the investigation, the attacker targeted addresses created between 2014 and 2022.
Typically, a few hours after the initial breach, the hacker returns to drain the remaining assets, while swapping tokens for Ethereum. About a week later, the attacker converts the stolen funds to Bitcoin and sends the coins to a crypto mixer.
Monahan also warned that the exploit is not like ordinary phishing or fraud. It is more aimed at “crypto veterans” who have experience protecting their digital assets.
My best guess rn is that someone has got themselves a fatty cache of data from 1+ yr ago & is methodically draining the keys as they parse them from the treasure trove.
But that’s just a guess. I *don’t* know.
It is NOT cryptographic/entropy related tho, don’t waste your time.
— Tay (@tayvano_) April 18, 2023
“My most probable assumption is that someone obtained a fat data set more than a year ago and began methodically extracting the keys as users view them in their wallet. […] This is not related to cryptography or entropy, don’t waste your time,” said Monahan.
For safety, the developer advised investors to spread funds across different addresses and to purchase a hardware wallet.
Monahan found that the exploit is not limited to MetaMask. The problem affected all wallets, including hardware wallets or those generated for the Ethereum presale.
To be completely clear: this is NOT a MM-specific exploit.
Users of *all* wallets, even those created on a hardware wallet or generated for the Ethereum presale, have been impacted by this.
The source of this exploit is unidentified, and I’m trying to identify it.
— Tay (@tayvano_) April 18, 2023
According to her, there are no specific criteria by which the hacker can be tracked. The victims used different operating systems and applications; some stored passwords in the cloud, while others did not. The compromised keys also varied in length.
In February, the MetaMask team warned about phishing attacks from spoofed addresses of the company.
In March, the wallet developers patched a privacy bug that arose when interacting with decentralized applications.