Blockchain security firm warns of new MetaMask phishing campaign
Blockchain security firm Halborn has warned users of the latest phishing emails doing the rounds. A cybersecurity firm has issued warnings over a new phishing campaign targeting users of the popular crypto wallet MetaMask.In a July 28 post written by Halborn's technical education specialist Luis Lubeck, the active phishing campaign used emails to target MetaMask users and trick them into giving out their passphrase. The firm analyzed scam emails it received in late July to warn users of the new scam. Halborn noted that at initial glance, the email looks authentic with a MetaMask header and....
Related News
The latest MetaMask phishing scam asks users for their seed phrase in a Google Docs form posing as an official support portal. Crypto wallet provider MetaMask has alerted its users of a new phishing bot that attempts to steal their seed phrases.In a tweet published Monday, May 3, MetaMask warned users that the bot attempts to direct users to a purported “instant support” portal where they are prompted to enter information into a Google Docs form.PHISHING ALERT!: a new type of phishing bot is becoming active. Comes from an account that looks “normal” (but few followers) Helpfully suggests....
Phishers are coming after MetaMask users in increasingly clever ways. Cyber Security firm CipherTrace has issued a warning after noting a surge in reports over the past 24 hours of users funds being stolen by a malicious Chrome browser extension posing as popular crypto wallet MetaMask.The warning was issued under the headline "ALERT: Malicious Crypto Browser Extension—Masked MetaMask" and reported the company had seen "an uptick of alerts and comments within the online cryptocurrency community of users’ funds being stolen."In response to online criticism that MetaMask is not doing enough....
The firm warned that If an Apple user has enabled automatic iCloud backups of their MetaMask wallet data, their seed phrase is being stored online. ConsenSys-owned crypto wallet provider MetaMask has sent out a warning to the community regarding Apple iCloud phishing attacks. The security issue for iPhone, Mac, and iPad users is related to default device settings which see a user’s seed phrase or “password-encrypted MetaMask vault” stored on the iCloud if the user has enabled automatic backups for their app data. In a Twitter thread posted on April 18, MetaMask noted that users run the....
A crypto intelligence firm has raised red flags about an increasing flow of comments in the crypto community about an ongoing phishing campaign, which is stealing funds from people who install a malicious browser extension. Chrome Browser Extension Is Redirecting Crypto Users to a Fake Metamask Site According to an alert published by Ciphertrace, since December 2, 2020, they have been noticing “an uptick of alerts and comments” about crypto funds stolen via a Chrome browser extension posing as the ethereum (ETH)-based wallet Metamask. The fraudulent extension redirects victims....
"Ultimately, we've learned that our password encryption feature's security was partially undermined by browser behavior," said the team at MetaMask. On Wednesday, MetaMask said that it uncovered a critical security vulnerability in older versions of its crypto wallet with the help of security researchers at Halborn. The security firm was awarded a bounty of $50,000 for the discovery. For users of the MetaMask extension before version 10.11.3, three necessary conditions would have led to the potential vulnerability. They are: (1) an unencrypted hard drive, (2) having imported a secret....