MetaMask and Phantom crypto wallets fixed critical vulnerability in browser extension
A bug discovered by Halborn back in September 2021 allowed hackers to extract seed phrases from users’ computers
16.06.2022 - 15:20
393
2 min
0
What’s new? Cybersecurity company Halborn has reported that cryptocurrency wallets MetaMask and Phantom have fixed a critical vulnerability in a browser software extension. The Halborn report says that the vulnerability, which was discovered back in September 2021, allowed hackers to extract seed phrases from users’ computers.
A seed phrase is a key secret phrase needed to regain access to a cryptocurrency wallet. It is usually generated automatically when creating a wallet and contains 12, 18, or 24 words.
What does the report say? Halborn analysts reported that seed phrases generated by wallet providers were stored on users’ computers in plain text as part of the “Restore Session” feature. This meant that attackers could get into the system using malware or physical access. The company added that it was working with wallet providers to fix the vulnerability.
What do wallet developers say? MetaMask developers explained that the critical security issue only affected “a small segment of users,” and the vast majority of customers were not at high risk. Phantom representatives said that they began addressing the vulnerability three months after it was spotted by Halborn.
MetaMask and Phantom are software (hot) non-custodial wallets. They can be used to store, send and receive cryptocurrencies, as well as put them into staking. MetaMask operates on the Ethereum blockchain and has grown to 30 million active wallet users in January 2022. Phantom uses the Solana network.
In April, the MetaMask team warned wallet users about the danger of storing data in Apple iCloud because of the possible phishing attacks.
To find out what cryptocurrency wallets are and what to look out for when choosing one, see GetBlock Magazine’s article.
Useful material?
Telegram 
Twitter Market
According to the founder of TRON, the leading US crypto exchange asked for several hundred million dollars for the listing of TRX
Nov 4, 2024
Incidents
The company conducted fictitious trading for six years to inflate the trading volume of tokens of several companies, receiving payment for these services
Nov 1, 2024
Market
1,5 million addresses have already left applications
Oct 31, 2024
Business
The company began investing in bitcoin in 2020, and since then, the value of its securities has risen by 1700%
Oct 30, 2024
Mining
The Deputy Energy Minister explained that in deficit regions, it is impossible to allocate large capacities for industry enterprises until 2030
Oct 30, 2024
Market
Customers will also be able to withdraw funds to bank accounts using cards
Oct 30, 2024
Cryptocurrency rates
-
Bitcoin
$68 017
BTC
-0.32%
-
Ethereum
$2 434.1
ETH
-0.22%
-
BNB Smart Chain
$570.25
BSC
-0.32%
-
Ripple
$0.510184
XRP
+2.46%
-
Dogecoin
$0.157447
DOGE
+7.44%
-
Cardano
$0.327424
ADA
-1.01%
-
Bitcoin Cash
$335.15
BCH
-0.9%
-
Polkadot
$3.78
DOT
+0.8%
-
Litecoin
$66.46
LTC
+0.65%
-
Stellar XLM
$0.091469
XLM
+1.6%