There’s reportedly been a nasty bug going around OG crypto holders, notably affecting one of the most critical parts of Web3 infrastructure: the MetaMask wallet. Over 5,000 ether (ETH) worth about $10.5 million have been stolen from crypto veterans using a variety of non-custodial wallets since December, crypto-skeptical news site Protos reported, citing an informal investigation done by MyCrypto founder Taylor Monahan.
It appears that developers at ConsenSys, the private blockchain software firm that’s built much of Ethereum’s open-source tooling, including the MetaMask wallet and Infura application toolkit, are investigating the exploit, which appears to be “deliberately” targeting people who should know the ins and outs of crypto self-custody and security.
This article is excerpted from The Node, CoinDesk's daily roundup of the most pivotal stories in blockchain and crypto news.
“This is NOT a low-brow phishing site or a random scammer. It has NOT rekt a single noob. It ONLY rekts OGs,” Monahan, who goes by “Tay” on Twitter, wrote. The attack is widespread, affecting keys created between 2014 and 2022 and at least 11 blockchains, according to Tay’s preliminary investigation. Monahan's on-chain sleuthing has found the unexplained vulnerability may impact "all wallets," including but not limited to MetaMask.
I mention this exploit not to spread fear, uncertainty and doubt – especially not about the most-used Web3 portal. As of now, it appears average or occasional users of MetaMask, or crypto users generally, aren’t being targeted. But it is a moment to remember a few wallet best practices and to take stock of your holdings. Because of the far-reaching nature of the attack and the pedigree of the victims, the fallout could be severe.
The most important thing now is not only making everyday crypto users feel safe and secure, but ensuring they actually are. In an email, a ConsenSys representative confirmed that the attack seems to be targeting early ETH adopters or people who work in the industry – or at least are active enough to be called "crypto native." Further, the representative stressed the attack stretches well beyond just MetaMask, and that the hacker's "on-chain behavior heavily suggests a private key compromise."
"What current investigations are showing is that it seems that this specific attack vector is pointing towards these users’ secret recovery phrases being compromised somewhere down the line, likely due to unintentionally insecure storage of said phrase," the MetaMask security team said.
The unknown attacker(s)
As mentioned, much about the attack and attacker(s) is still unknown. It’s not clear whether this is a coordinated effort by several skilled hackers or a lone actor, or whether multiple individuals found and are exploiting the same vulnerabilities. That said, the fact that most of the attacks have taken place between 10:00 and 13:00 UTC, according to Monahan, suggests it may be a single entity that received highly compromising information.
In her write-up, Monahan said the perpetrator may have received a cache of data that is helping him or her gain access to users’ private keys or wallet recovery phrases. She added emphatically that the issue is not related to MetaMask’s underlying cryptography and is not a social-engineering scam, as with phishing.
However, there are a few commonalities with the exploit: Most attacks have occurred on the weekend, and the exploiter swapped assets within a victim’s wallet for ether (often bypassing staked positions, non-fungible tokens and lesser-known coins), consolidating that ETH and then transferring it out. Often the attacker has gone back hours, days or weeks after an initial attack to sweep remaining funds, Monahan said.
The “theft and post-theft on-chain movement is VERY distinct,” Monahan said, hoping to open the doors to identifying the attacker and recovering assets. She added that several “recovery” attempts have been successful so far.
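The on-chain pattern Monahan describes (several assets swapped to ether, the ETH consolidated and sent out, activity clustered on weekends and in the 10:00-13:00 UTC window, and a return visit hours or days later) is the kind of thing a wallet provider or analytics team can turn into a simple screening heuristic. The following is an added illustration, not code from CoinDesk, MyCrypto, ConsenSys or the investigation; it assumes transactions have already been decoded into a small record type with constructed labels ("swap_to_eth", "transfer_out"), and the sample addresses and timestamps are made up.

```python
"""Screening heuristic for the wallet-drain pattern described in the article.

Added example, not from CoinDesk or the investigation. It assumes a caller
has already decoded an address's history into Tx records; the kind labels
and the sample data below are constructed for illustration.
"""
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Dict, List


@dataclass(frozen=True)
class Tx:
    kind: str          # assumed labels: "swap_to_eth" or "transfer_out"
    asset: str         # asset swapped away, or "ETH" for an outbound transfer
    amount_eth: float  # value expressed in ETH
    ts: datetime       # block timestamp, UTC


def _is_weekend(ts: datetime) -> bool:
    return ts.weekday() >= 5  # Saturday=5, Sunday=6


def _in_utc_window(ts: datetime) -> bool:
    # Window reported for most of the attacks: 10:00-13:00 UTC
    return 10 <= ts.hour < 13


def drain_indicators(txs: List[Tx]) -> Dict[str, bool]:
    """Evaluate each indicator from the reported pattern for one address."""
    txs = sorted(txs, key=lambda t: t.ts)
    swaps = [t for t in txs if t.kind == "swap_to_eth"]
    outs = [t for t in txs if t.kind == "transfer_out" and t.asset == "ETH"]
    activity = swaps + outs

    # 1. Two or more distinct assets converted to ETH before the first ETH
    #    leaves the wallet (swap, consolidate, withdraw).
    sweep = False
    if outs:
        first_out = outs[0]
        assets_before = {s.asset for s in swaps if s.ts < first_out.ts}
        sweep = len(assets_before) >= 2

    # 2. All of the suspicious activity falls inside the 10:00-13:00 UTC window.
    window = bool(activity) and all(_in_utc_window(t.ts) for t in activity)

    # 3. Withdrawals happen on a weekend.
    weekend = any(_is_weekend(t.ts) for t in outs)

    # 4. A later sweep of remaining funds at least six hours after the first.
    return_visit = len(outs) >= 2 and (outs[-1].ts - outs[0].ts) >= timedelta(hours=6)

    return {
        "multi_asset_sweep": sweep,
        "utc_morning_window": window,
        "weekend": weekend,
        "return_visit": return_visit,
    }


def looks_like_drain(txs: List[Tx], threshold: int = 3) -> bool:
    """Flag an address when at least `threshold` indicators are present."""
    return sum(drain_indicators(txs).values()) >= threshold


# Constructed sample histories (timestamps chosen so 2023-04-08/15 are Saturdays).
UTC = timezone.utc
SUSPECT_HISTORY = [
    Tx("swap_to_eth", "USDC", 12.0, datetime(2023, 4, 8, 11, 5, tzinfo=UTC)),
    Tx("swap_to_eth", "WBTC", 30.0, datetime(2023, 4, 8, 11, 7, tzinfo=UTC)),
    Tx("transfer_out", "ETH", 42.0, datetime(2023, 4, 8, 11, 20, tzinfo=UTC)),
    Tx("transfer_out", "ETH", 3.5, datetime(2023, 4, 15, 10, 40, tzinfo=UTC)),
]
BENIGN_HISTORY = [
    Tx("swap_to_eth", "USDC", 1.0, datetime(2023, 4, 11, 15, 30, tzinfo=UTC)),
    Tx("transfer_out", "ETH", 1.0, datetime(2023, 4, 11, 16, 0, tzinfo=UTC)),
]

if __name__ == "__main__":
    for name, history in (("suspect", SUSPECT_HISTORY), ("benign", BENIGN_HISTORY)):
        print(name, drain_indicators(history), looks_like_drain(history))
```

The threshold is deliberately conservative: a single indicator (a weekend swap, say) is ordinary user behaviour, and the point of a screen like this is to prioritise addresses for a human analyst or a wallet warning, not to act on its own.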
ConsenSys confirmed the attack over email, and said it encourages people to contact its support team "about any specific case." The firm acquired Monahan’s startup MyCrypto in February 2022, having implemented MyCrypto’s “scam blocklist” (aka CryptoScamDB), which was used to protect MetaMask users from visiting known scam URLs in 2017, according to an announcement at the time.
Both Monahan and ConsenSys are also stressing the importance of mutual collaboration at this time, and the sharing of information and resources. Unfortunately, the crypto community has an ugly habit of victim-blaming people who are hacked. "Stop shaming ppl. They aren't stupid," Monahan wrote, noting that if you were hacked, sharing details publicly can help the distributed Web3 hive mind find a solution.
"Web3 belongs to everyone and we should all try to keep each other safe," the ConsenSys rep said.
As for best practices, Monahan wrote in all caps: “PLEASE DON'T KEEP ALL YOUR ASSETS IN A SINGLE KEY OR SECRET PHRASE FOR YEARS.” If that is mostly useful only in retrospect, she also cautions users to split up their assets, use a hardware wallet and migrate their funds off accounts connected to the internet. Further, the MetaMask security team shared this bulleted list:
- Never store your private key or secret recovery phrase anywhere online, always write it down somewhere and keep it safe
- Get and use a hardware wallet, but just like with MetaMask, don’t store your private key or secret recovery phrase anywhere online (or realistically, in any internet-enabled device)
- If you ever get to the point where your wallet is so old that you can’t remember if you’ve been 100% diligent with its keys at all times, then consider creating a new wallet (which means a new secret recovery phrase, not a new account) and migrating your funds there
- Perform regular security checks and audits to ensure that you’re up to speed with the best security practices and just as [Monahan] mentioned, consider splitting up your assets across multiple recovery phrases, and using hardware wallets
As the nature of the exploit is revealed, it’s likely this story will only get bigger. Apparently, many longtime crypto users have been affected over a period of months without much word filtering out into the wider world. As long as crypto continues to have value, wallet users will continue to face such threats. A record $3.8 billion in crypto was stolen last year through scams, hacks and theft, according to Chainalysis’ latest accounting.
CoinDesk recently published a list of “Projects to Watch,” meaning protocols and companies we feel relatively good about recommending to users. I wrote about the increasingly popular Rainbow wallet, which is spreading mostly by word of mouth, in part because of its easy interface and built-in security features.
Rainbow, like many crypto wallets, has rolled out a series of security features to help protect wallets including pop-up messages that warn users about suspicious addresses they may be interacting with, as well as ID tools to prevent people from sending assets to incorrect or dead addresses. Basic security features like this should be the norm across crypto (to be clear, MetaMask is among the wallets with similar protections).
But it also seems like crypto users and malicious actors will constantly be playing a game of cat and mouse. With every technological advancement released to protect the uninformed, there is likely a workaround. And if Monahan is correct, even years of hands-on experience are no guarantee you will be safe. There are best practices to follow and pitfalls to avoid – but at this point, scamming is clearly endemic to crypto.
Where does that leave Web3? It’s not like banks or fintech apps are immune to hacks or scammers – but users should be able to trust even “trustless” technologies.
UPDATE (April 18, 2023 – 23:30 UTC): Adds comments from ConsenSys throughout, and a sentence stressing all wallets, not just MetaMask, are vulnerable.