Scam Alert: MetaMask Wallet Discovers Critical Security Vulnerability
Scams related to crypto wallet and gateway MetaMask are on the rise amid developments including the Ethereum Merge and Cardano’s Vasil hard fork. The scam Twitter account “@MetaMaskUpdates” on Wednesday warned users about a critical security issue with the MetaMask protocol. It claims the security issue allows attackers to withdraw assets from any user’s wallet without a password or recovery phrase. Also, it advised users to immediately update MetaMask to mitigate issues and secure their funds.
MetaMask Scam on Critical Security Issue
The scam Twitter account uses the name of Jen Luker, security project manager of MetaMask Wallet, to warn users about the critical security issue faced by the protocol. It claims users failing to update the MetaMask app or web software risks losing all assets on their MetaMask wallet.
CoinGape team discovered that the fake Twitter account has 22.2K Twitter followers and retweeted several tweets from the original MetaMask’s Twitter account. The link mentioned on the Twitter account and the website has security risks and misspellings. Also, links on the website are found to be broken. Users are recommended to be alert.
It makes users believe that MetaMask received over 50,000 individual complaints reporting assets, coins, and NFTs stolen from their wallets. Users, including MetaMask employees, reported a widespread breach in the MetaMask protocol.
“Earlier this month, we were made aware of an exploit which enables bad actors to abuse MetaMask’s identification protocol and withdraw all assets from user wallets without having any access to their password or recovery phrase.”
The scam also detailed how attackers misused two functions within the MetaMask extension code to withdraw any MetaMask user’s assets. However, the security team has developed an update to patch this critical vulnerability. As attackers are actively exploiting the issue, all users are required to immediately update their MetaMask extensions.
Rising Scams Amid Important Crypto Developments
Scams seem to have increased amid the Ethereum Merge and Cardano’s Vasil hard fork updates. Blockchain security platform PeckShieldAlert has also warned users about a MetaMask airdrop scam on September 22.
Recently, Indian crypto exchange CoinDCX’s Twitter account was compromised and exploiters shared links to a fraudulent XRP Giveaway. It happened as the XRP price skyrocketed amid rising positive sentiments regarding Ripple’s win against the SEC.
- Polymarket Hits $20B in Trading Volume, Announces Plans for Massive POLY Token Airdrop
- James Wynn Takes XRP Long Bet After Ripple Prime Announcement
- Nasdaq-Listed Bonk Holdings Makes First Major Purchase of $32M, Nears 3% of Total Supply
- Binance-based Meme Coin GIGGLE Fund Shoots 145% on Exchange Listing News
- ASTER Gets Major Boost as Project Launches Token Buyback Program, Expert Predicts $10 Spike
- HBAR Price Targets 50% Jump as Hedera Unleashes Massive Staking Move
- Chainlink Price Outlook: Analyst Predicts $100 as Reserve Adds 63K LINK
- SUI Price Prediction as TVL and Monthly DEX Volume Hit All-Time Highs- What’s Next?
- PUMP Price Prediction as Whales Accumulate 4.2B Tokens- Is 135% Rally Next?
- Dogecoin Price Crash Looms as Flag, Death Cross, Falling DOGE ETF Inflows Coincide
- Solana Price Prediction as Osprey’s S-1 Filing and Hong Kong’s ETF Launch Fuel Reversal Hopes- Is $250 Next?
Why Trust CoinGape
CoinGape has covered the cryptocurrency industry since 2017, aiming to provide informative insights Read more…to our readers. Our journal analysts bring years of experience in market analysis and blockchain technology to ensure factual accuracy and balanced reporting. By following our Editorial Policy, our writers verify every source, fact-check each story, rely on reputable sources, and attribute quotes and media correctly. We also follow a rigorous Review Methodology when evaluating exchanges and tools. From emerging blockchain projects and coin launches to industry events and technical developments, we cover all facets of the digital asset space with unwavering commitment to timely, relevant information.
