MetaMask users lose more than $10 million due to an unknown exploit
The hacker targets experienced crypto users and attack addresses created between 2014 and 2022
19.04.2023 - 09:10
988
3 min
0
What’s new? Metamask crypto wallet developer Taylor Monahan discovered an unknown exploit that allowed the hacker to withdraw at least 5000 ETH (about $10,37 million at the exchange rate on April 19) and an unknown number of other coins and non-fungible tokens (NFTs) from 11 different networks since December 2022. In a series of posts on Twitter, she said that the attack was not related to a low-brow phishing site and was systemic in nature.
For the past 48hrs I've been unwinding a massive wallet draining operation 😳😭I don't know how big it is but since Dec 2022 it's drained 5000+ ETH and ??? in tokens / NFTs / coins across 11+ chains.Its rekt my friends & OGs who are reasonably secure.No one knows how. pic.twitter.com/MafntG7RkP — Tay 💖 (@tayvano_) April 18, 2023
What else is known? The hacker attacks exclusively experienced crypto users, with the MetaMask team still not understanding exactly how he does it and what specific bug he uses.
The only commonalities that the victims have in common include the fact that the private keys were created between 2014 and 2022 and that the users were fairly experienced.
It is also known that a few hours after the first hack, the attacker usually returns to steal the remaining funds. The first theft in this case occurs between 10:00 and 16:00 UTC. He usually exchanges various tokens for ETH inside the wallet and then converts them into BTC to send to the crypto mixer.
Monahan advised not to keep all of one’s assets in a wallet with one secret phrase and to distribute funds to different addresses to avoid losses. Another security option would be to buy a hardware wallet.
Как надежно хранить криптовалюту. Выбираем лучшие криптокошельки 2023 года
Подробно разбираем все типы криптовалютных кошельков, а также выбираем лучшие хранилища для цифровых активов, исходя из потребностей каждого отдельного пользователя
Earlier, ConsenSys, the developer of MetaMask, reported data leaks from more than 7000 customers around the world. Thus, between August 1, 2021, and February 10, 2023, third parties were able to obtain the personal data of users who contacted the MetaMask support service.
In January, the developers of MetaMask warned about a new scam scheme in which attackers substitute the address of a transaction, counting on users’ inattention when making further operations.
Useful material?
Incidents
Developers warned of potential risks to bridges across the ecosystem and asked exchanges for assistance.
Jun 22, 2026
Incidents
The defendant helped move funds stolen through investment scams and earned at least $4 million for his role in the operation.
Jun 10, 2026
Incidents
The company is linking the incident to a compromised private key on a service wallet, rather than a smart contract exploit
May 22, 2026
Incidents
Following the incident, the project temporarily halted trading operations and node activity.
May 15, 2026
Incidents
The user spent weeks unsuccessfully trying to guess the password until Claude helped find an old wallet backup file
May 14, 2026
Crypto regulations
Authorities are introducing mandatory registration for companies handling cross-border crypto transactions
May 8, 2026
Telegram
Twitter