Scam Alert: MetaMask Wallet Discovers Critical Security Vulnerability

Scams related to crypto wallet and gateway MetaMask are on the rise amid developments including the Ethereum Merge and Cardano’s Vasil hard fork. The scam Twitter account “@MetaMaskUpdates” on Wednesday warned users about a critical security issue with the MetaMask protocol. It claims the security issue allows attackers to withdraw assets from any user’s wallet without a password or recovery phrase. Also, it advised users to immediately update MetaMask to mitigate issues and secure their funds.
MetaMask Scam on Critical Security Issue
The scam Twitter account uses the name of Jen Luker, security project manager of MetaMask Wallet, to warn users about the critical security issue faced by the protocol. It claims users failing to update the MetaMask app or web software risks losing all assets on their MetaMask wallet.
CoinGape team discovered that the fake Twitter account has 22.2K Twitter followers and retweeted several tweets from the original MetaMask’s Twitter account. The link mentioned on the Twitter account and the website has security risks and misspellings. Also, links on the website are found to be broken. Users are recommended to be alert.
It makes users believe that MetaMask received over 50,000 individual complaints reporting assets, coins, and NFTs stolen from their wallets. Users, including MetaMask employees, reported a widespread breach in the MetaMask protocol.
“Earlier this month, we were made aware of an exploit which enables bad actors to abuse MetaMask’s identification protocol and withdraw all assets from user wallets without having any access to their password or recovery phrase.”
The scam also detailed how attackers misused two functions within the MetaMask extension code to withdraw any MetaMask user’s assets. However, the security team has developed an update to patch this critical vulnerability. As attackers are actively exploiting the issue, all users are required to immediately update their MetaMask extensions.
Rising Scams Amid Important Crypto Developments
Scams seem to have increased amid the Ethereum Merge and Cardano’s Vasil hard fork updates. Blockchain security platform PeckShieldAlert has also warned users about a MetaMask airdrop scam on September 22.
Recently, Indian crypto exchange CoinDCX’s Twitter account was compromised and exploiters shared links to a fraudulent XRP Giveaway. It happened as the XRP price skyrocketed amid rising positive sentiments regarding Ripple’s win against the SEC.
- Ethereum and BMNR Rallies as BitMine Drops $1B on ETH, Analyst Hails “Most Bullish Setup Yet”
- ASTER Deposits Flows Into Binance Wallets Following CZ Endorsement, Listing Incoming?
- Avalanche Treasury Seals $675M Deal With Mountain Lake to Build $1B AVAX Vehicle
- Just In: Nasdaq-Listed VivoPower Raises $19M in Equity to Expand XRP Treasury Holdings
- Solana Price Rallies 5% as Nasdaq-listed VisionSys Launches $2B SOL Treasury Strategy
- Cardano Price Forecast As Hashdex Listing Fuels Optimism For $1.27 Breakout
- BONK Price Rally Ahead? Open Interest Jumps as TD Buy Signal Flashes
- Shiba Inu Price to Surge as Whales Buy and Team Commits to Shibarium Growth
- XRP Price Prediction After Ripple CTO David Schwartz Resigns
- SUI Price Eyes $4.5 as Coinbase Futures Listing Sparks Market Optimism
- Chainlink Price Holds $20 Support Amid Tokenization With DTA Standard Progress – Is $47 Next?