Google Yanked MetaMask From the Chrome Store, Left a Phishing Scam Up

Scams are an epidemic in the crypto space, and clumsy actions by big tech companies can open up the opportunities, as MetaMask learned recently.

AccessTimeIconJul 26, 2018 at 7:31 p.m. UTC
Updated Sep 13, 2021 at 8:13 a.m. UTC
10 Years of Decentralizing the Future
May 29-31, 2024 - Austin, TexasThe biggest and most established global event for everything crypto, blockchain and Web3.Register Now

It was "an interesting wake-up call."

That was how Kevin Serrano, an employee at ethereum startup and incubator ConsenSys, described the revelation that MetaMask had been removed from Google Chrome's web store in a recently published blog post.

MetaMask, a Consensys "spoke," is an ethereum wallet that also serves as a bridge between web browsers and the ethereum blockchain. A little after 10:00 a.m. EDT Wednesday morning, the MetaMask team announced on Twitter that the extension had been removed from the Chrome store.

The team received no explanation for Google's action, according to Serrano, or even notification that it had happened – though he added that it's possible the email bounced. The extension was restored to the web store around five hours later. According to Serrano, Google explained that delisting MetaMask had been an "error."

And in this way, Serrano said it became clear:

"For a product that enables decentralized technology, [MetaMask] has centralized points of failure."

It's an issue blockchain entrepreneurs have grappled with since the industry first started testing its ideas.

One of the fundamental merits of blockchains and the decentralized applications built on top of them is that no single party can take down or censor them. Yet, this theoretical quality is frequently rendered moot where blockchain networks meet the legacy web or financial system.

Centralized exchanges, where fiat currency is converted into cryptocurrencies, are the most commonly cited example of where censorship-resistance and decentralization fail in practice.

But this incident has highlighted another such choke point: app stores.

Making the app available to users, Serrano continued, requires "placing our trust in browsers, GitHub and the people deploying in order to keep the system working."

Phishing frenzy

It's not only the trust required to keep the extension open to the most users (sufficiently tech-savvy users could have still downloaded it on Chrome), but also the fact that the action opened up opportunities for scammers – an endemic problem in the cryptocurrency space.

With MetaMask proper removed, Serrano wrote, "What was left when one searched the term 'MetaMask' on the store was a few re-branded MetaMask forks and one ambiguously branded lookalike."

Indeed, the situation presented the risk of phishing, in which attackers trick would-be users into downloading fake files that contain malware.

At one point Augur, another ethereum project, tweeted a warning not to download an extension called "MetaMask by Kupi.net," which was available in the Chrome store (it has since been removed). The app "is a fake, phishing app," the Augur team wrote, attaching an image:

metamask phishing chrome
metamask phishing chrome

Serrano told CoinDesk in an email that attempts to steal from users were also present on Telegram, a messaging platform popular with cryptocurrency enthusiasts, where attackers were "posing as an alternative support desk." It appears that some users were affected by this scam, he said, as well as an unrelated one on the Google Play Store, which lists apps for Google's Android operating system.

A Google spokesperson declined to comment on these phishing attempts.

While MetaMask continued to work on other browsers – Brave, Opera and Firefox – and those who had already downloaded the Chrome version were still able to use it, the team is looking into more decentralized alternatives such as IPFS, Serrano said.

The team also published a guide to installing the extension manually.

Fish hooks image via Shutterstock

Disclosure

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by Block.one; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.


Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.