coinspress.com
MetaMask, a self-custodial wallet provider, has refuted allegations by Taylor Monahan, the CEO of MyCrypto, that the recent multiple-wallet hack was a MetaMask-specific exploit.
MetaMask claims that the attacker withdrew 5,000 Ethereum (ETH), equivalent to around $10 million, from different addresses across 11 blockchains, not only from MetaMask users.
Recent reporting on @tayvano_’s thread has incorrectly claimed that a massive wallet draining operation is a result of a MetaMask exploit.
This is incorrect. This is not a MetaMask-specific exploit. https://t.co/MiJ3QgslMy
— MetaMask 🦊💙 (@MetaMask) April 18, 2023
MyCrypto’s security team is working with other affected wallet providers to determine the source of the attack. Monahan claimed to have discovered a 5,000 ETH exploit that affected long-standing users and employees of multiple wallets, including Ledger Live, MyCrypto, Trust, and Exodus.
The hack was not specific to MetaMask, as Monahan clarified later. MetaMask recently confirmed a data breach affecting over 7,000 users, but ConsenSys confirmed that MetaMask itself was safe to use.
In addition to the recent data breach, scammers also sent unsolicited emails to users through compromised Namecheap email providers, asking for their secret recovery phrase.
This incident raised concerns about the security of blockchain wallets and the need for better protection of users’ crypto keys.
SlowMist, a blockchain security specialist, suggested that the keys may have been part of a larger data breach and only discovered later to be crypto keys.