Crypto Wallets Exposed "Mnemonic Phrase Vulnerabilities" (4 Already Fixed) by@z3nch4n

Crypto Wallets Exposed "Mnemonic Phrase Vulnerabilities" (4 Already Fixed)

Popular cryptocurrency wallet providers MetaMask and Phantom (Solana ecosystem) disclosed on the 16th that they have recently patched a security flaw. The vulnerability stems from a problem in Javascript that may cause the mnemonic to be stored in memory for a period of time, allowing an attacker to obtain the.mnemonic from an unencrypted hard drive, thereby controlling the victim user's encrypted assets and NFTs. Wallet providers have notified at least ten other browsers and extension-based wallet providers, including MetaMask, Phantom and Brave.
image
Zen Chan HackerNoon profile picture

Zen Chan

Interested in Infosec & Biohacking. Security Architect by profession. Love reading and running.

Popular cryptocurrency wallet providers MetaMask and Phantom said today that they had patched a security flaw that could, in some cases, allow attackers to obtain mnemonic phrases from a hacked computer's disk, enabling many browser-based extensions of wallets are at risk of being hacked.

Popular cryptocurrency hot wallet providers MetaMask and Phantom (Solana ecosystem) disclosed on the 16th that they have recently patched a security flaw. The vulnerability stems from a problem in Javascript that may cause the mnemonic to be stored in memory for a period of time, allowing an attacker to obtain the mnemonic from an unencrypted hard drive, thereby controlling the victim user's encrypted assets and NFTs.


The vulnerability was discovered in May last year by blockchain security firm , which, in addition to MetaMask and Phantom, has notified at least ten other browsers, and extension-based wallet providers, according to Coindesk.


UPDATE: Some Wallets Have Fixed Vulnerabilities

confirmed that wallets that have fixed the vulnerability include MetaMask, Phantom, Brave, and xDefi.


https://twitter.com/HalbornSecurity/status/1537105566224601091

https://twitter.com/HalbornSecurity/status/1537105566224601091

that they learned of the vulnerability in September 2021 and fully patched it in April this year. At the same time, they added that another critical security patch would be rolled out next week.


said that users using mobile device applications are not affected, but a small number of users in many browser wallets, including MetaMask, will face security risks. The team released MetaMask expansion version 10.11.3 in March. Fixed the bug, so these shouldn't be an issue for users of this version and newer.

Conditions for an Attack

The team further explained that there is a possibility of being attacked if the following three conditions are met:


  1. The hard disk is not encrypted.
  2. Import the annotation words into a hacked computer or someone you do not trust.
  3. Use the "Show Mnemonic" feature when importing.

Final Words - Transfer Assets to New Wallet Addresses

MetaMask recommends that users consider transferring funds from these wallet accounts to ensure safety if they meet the above conditions. It also provides guidelines for migrating account funds and states that third-party migration tools must be used at your own risk.


The team further suggested that if users are concerned about assets being affected, they can consider enabling disk encryption on the system and using hardware wallets to manage assets. However, co-founder , who received a $50,000 bounty from MetaMask for reporting the bug, Steve Walbroehl, told Coindesk that most users are still advised to move to a new wallet address.



Thank you for reading. May InfoSec be with youπŸ––.

react to story with heart
react to story with light
react to story with boat
react to story with money
L O A D I N G
. . . comments & more!