Top Stories

Metamask Wallet Hijacking Case On Rise – Alert.

Leading cybersecurity firm CipherTrace has published a warning after noting a surge in reports over the past 24 hours of users’ funds being hacked by an illicit Chrome browser extension posing as popular cryptocurrency wallet MetaMask.

The warning was issued under the headline “ALERT: Malicious Crypto Browser Extension – Masked MetaMask” and reported the firm had seen “an uptick of alerts and comments within the web cryptocurrency community of users’ funds being stolen.”

In response to online criticism that MetaMask isn’t doing enough to steer its users faraway from potentially harmful websites and downloads, MetaMask’s Chief Product Officer Jacob Cantele asked on Twitter what more should they do?

“How can we improve? Presently we’re warning in multiple places within the products, we maintain a phishing detector that warns about tens of thousands of malicious sites, we do regular security marketing campaigns, and that we have legal resources to trying to urge these sites removed.”

Links to fake MetaMask sites are being inadvertently reposted by crypto projects and reportedly show up frequently as Google Ads above the primary results in Google searches for the term “metamask.”

The scam works like this: After arriving at a phishing website that appears a bit like the original MetaMask site or downloading a malicious browser extension, users are directed to enter their 12-word seed to attach their wallet. The seed is captured by the phisher and therefore the wallet drained of funds.

Metamask Wallet Hijacking Case On Rise - Alert.

MetaMask added that the simplest way to avoid being phished is to download the software only from its official site, or from inside the Google Chrome store, but never by clicking links on other websites.

For those that have already got the MetaMask Chrome extension installed, MetaMask will display a warning in bright red if a user attempts to go to an internet site previously reported as a phishing site.

MetaMask users who are unsure if an internet site has been reported as malicious are encouraged to go to CryptoScamDB and enter the website URL or IP address where it’ll be cross-referenced against a database of a reported scam as well as phishing websites.

Earlier in October, MetaMask revealed that it had surpassed a million active users on a monthly basis, largely because of the acceleration of the DeFi trend over the summer and fall. Rising Ethereum prices and an outsized user base suggest that this kind of phishing attack won’t be seen gone anytime soon.

Leave a Comment

Your email address will not be published. Required fields are marked *