Ad Code

Is it safe to keep your Ethereum on MetaMask?


MetaMask: is it safe to keep your Ethereum on it?



Is it safe to keep your Ethereum on MetaMask? The security of crypto wallets like MetaMask is of concern due to recent events that have taken place. MetaMask is in the crosshairs of many users for its lack of transparency when it comes to security. 

Vulnerability reports are multiplying, without obtaining answers from the famous site. All of these elements are of concern and set off alarm bells for many analysts.

With such information, one might wonder if it is really safe to keep your coins on your MetaMask wallet. Knowing that it is the most popular wallet for Ethereum, one is entitled to wonder if a new attack might not once again siphon off the accounts of thousands of users.

With “The Merge” coming soon to Ethereum, it can be normal to worry about a potential attack on crypto holders.

The Solana hack puts the crypto world in tension

The Solana hack puts the crypto world in tension


It is indeed the recent Solana hack that will have raised awareness about the security standards of the various crypto wallet services. This attack caused the loss of nearly $6.6 million to holders of SOL or USDC. 

This attack targeted the Phantom and Slope wallets of thousands of users. An investigation is still underway to determine the exact reasons for the success of this attack. 

Recently, Zachxbt, who defines himself as an on-chain detective, was able to trace the Binance wallet that participated in this attack. 

But it is still impossible to know if this one has not also been compromised.

MetaMask takes the brunt of criticism

MetaMask is the most popular crypto wallet service when it comes to Ethereum. To reassure his clients, the latter announces that the teams in charge will carry out analyzes to strengthen the security of their portfolio.

But MetaMask's audit was also done independently by other experts. Its source code is also freely accessible on GitHub. 

According to them, MetaMask has the same security flaws that allowed hackers to compromise thousands of wallets on Phantom and Slope.

Despite recent statements from MetaMask, it seems that it is still lagging behind . He will have to go into overdrive if he wants to reassure and keep his customers over the coming months.

MetaMask deemed unresponsive to reported issues

The CEO of Aurox, Giorgi Khazaradze deplores the non-responsiveness of MetaMask . He says the problem team is unresponsive to reported information about site vulnerabilities. 

The latter is working on a concurrent extension to MetaMask and intends to dethrone the juggernaut in place. But for now, MetaMask still keeps a gigantic ascendancy with nearly 30 million monthly active users. This is an increase of 42% if we compare these figures to the year 2021.

Giorgi Khazaradze reports possibility of hijacking on expansion

Khararadze thinks it 's possible to leverage an HTML element called an iframe to add a hidden app to a web page. MetaMask uses these iframes to allow its connection to a decentralized application. But this process can easily be hijacked by attackers. 

With this flaw, they could display different pop-ups on the user's screen for example. The most accepted hypothesis would be the appearance of an NFT offer , where the user would have to connect to obtain it.

Part of the reason the flaw is so dangerous is how MetaMask works against it. If it detects a decentralized application on a website, it directly prompts users to log in to it. 

This method almost resembles the principle of clickjacking. MetaMask had already paid a heavy fine because of this in June for the sum of $120,000.

This is not the first time that MetaMask has found itself unresponsive to the injunctions of its peers. 

Alex Lupascu, the co-founder of Omnia had already warned of a major flaw in the extension, 5 months ago. It seems that this flaw has still not been corrected since it is still exploitable.

"My team and I discovered a critical privacy #vulnerability in the most popular #crypto #wallet.

Are you using MetaMask?

Well, I have bad news for you - your #privacy is at risk! "@samczsun @gakonst @VitalikButerin @cz_binance @phildaian

https://t.co/ar30UMzR1G

— Alex Lupascu oO (@alxlpsc) January 20, 2022

How to effectively protect your MetaMask wallet?

How to effectively protect your MetaMask wallet?


David Schwed thinks that no wallet is completely safe anyway . The best solution is still to diversify your funds on different platforms. Thus, the risk of losing everything is limited by concentrating all available capital in one place.

For him, the safest way to preserve your wallet is to keep your private key on secure hardware such as a USB key for example. The best known are Ledger and Trezor.

For the moment, vigilance is in order. Don't be fooled by suspicious online offers and review your security settings from top to bottom.

Post a Comment

0 Comments

Close Menu