MetaMask, Phantom and Other Browser Wallets Patch Security Vulnerability


Sam Kessler

Sam is a reporter at CoinDesk focused on decentralized technology, DeFi and DAOs. He owns ETH, BTC and MATIC.

MetaMask and Phantom, two of the largest crypto wallet providers, disclosed in blog posts Wednesday that they recently patched a security vulnerability that could have exposed users' secret recovery phrases to anyone with access to a compromised device.

The wallet providers say there is no evidence that the vulnerability was ever exploited by attackers, and no user funds are known to have been affected.

MetaMask and Phantom – which learned of the bug from a tip by blockchain security firm Halborn – informed at least 10 other browser-based “hot wallets” that they contained the same vulnerability. The full list of affected – and since patched – wallets is unclear at this time.

Although the attack vector is narrow and there is no evidence that the bug was ever exploited, it highlights the inherent security risk of internet-connected hot wallets compared with more secure – albeit less convenient – hardware wallets.

Should you be concerned?

MetaMask and Phantom are not recommending that most users take any action beyond making sure their browser wallet extensions have updated to the patched versions.

According to MetaMask's blog post, you should only be concerned if you match all of the following conditions:

  • Your hard drive was unencrypted;
  • You imported your Secret Recovery Phrase into a MetaMask extension on a device that is in possession of someone you do not trust, or your computer is compromised;
  • You used the “Show Secret Recovery Phrase” checkbox to view your Secret Recovery Phrase on-screen during that import process.

“If your computer is not physically secure from people you do not trust, we recommend you enable full disk encryption on your system,” read the MetaMask blog post. “Additionally, you are not affected by this if your funds are managed by a hardware wallet.”
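The first of MetaMask's three conditions, an unencrypted drive, is the one a user can check for themselves. The script below is an added example and is not code from the CoinDesk article, MetaMask, Phantom or Halborn. On Linux it resolves the block device behind the root filesystem and reports whether a dm-crypt (LUKS) layer sits anywhere in its ancestor chain, which is what "full disk encryption" normally means on a Linux desktop. The helper names (`chain_is_encrypted`, `live_root_check`), the sample `lsblk` output and the `--live` flag are this example's own assumptions.

```bash
#!/bin/sh
# Added example (not from the article or the wallet vendors): decide whether the
# root filesystem is backed by a dm-crypt/LUKS layer.

# chain_is_encrypted TYPES
#   TYPES is the text printed by `lsblk -sno TYPE <device>`: one TYPE value per
#   line for the device and each of its ancestors (e.g. lvm, crypt, part, disk).
#   Returns 0 if any layer in the chain is "crypt", 1 otherwise.
chain_is_encrypted() {
    printf '%s\n' "$1" | grep -q '^[[:space:]]*crypt[[:space:]]*$'
}

# live_root_check
#   Resolves the device mounted at "/" and feeds its ancestor chain to
#   chain_is_encrypted. Returns 2 when findmnt or lsblk cannot answer (non-Linux
#   host, container on an overlay root), so "unknown" is never reported as
#   "unencrypted".
live_root_check() {
    src=$(findmnt -no SOURCE / 2>/dev/null) || return 2
    types=$(lsblk -sno TYPE "$src" 2>/dev/null) || return 2
    chain_is_encrypted "$types"
}

# Constructed sample chains, modelled on what `lsblk -sno TYPE` prints for a
# LUKS-on-LVM laptop and for a plain partition (sample data, not captured output).
ENCRYPTED_CHAIN='lvm
crypt
part
disk'
PLAIN_CHAIN='part
disk'

# describe_chain LABEL TYPES -> prints a one-line verdict for a chain.
describe_chain() {
    if chain_is_encrypted "$2"; then
        echo "$1: encrypted"
    else
        echo "$1: UNENCRYPTED"
    fi
}

describe_chain "sample LUKS-on-LVM layout" "$ENCRYPTED_CHAIN"
describe_chain "sample plain-partition layout" "$PLAIN_CHAIN"

# Pass --live to inspect the machine the script is running on.
if [ "${1:-}" = "--live" ]; then
    if live_root_check; then status=0; else status=$?; fi
    case $status in
        0) echo "root filesystem: encrypted" ;;
        1) echo "root filesystem: UNENCRYPTED (MetaMask's first condition applies)" ;;
        *) echo "root filesystem: could not determine (need findmnt and lsblk)" ;;
    esac
fi
```

Run it with `--live` on the Linux machine the wallet was used on. The check only looks at the root filesystem; a browser profile on a separately mounted, unencrypted data partition would still fail MetaMask's condition. On macOS the equivalent question is answered by `fdesetup status`, on Windows by `manage-bde -status` (standard OS tools, not wrapped by this script).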

Phantom’s blog post largely echoed that of MetaMask.

In its blog post, MetaMask outlines steps that users should take to move to a new wallet if they believe their credentials could have been compromised.

Halborn, which received a $50,000 bounty for disclosing the bug, recommended that most users move to a new wallet out of an abundance of caution.

Steve Walbroehl, Halborn’s co-founder, told CoinDesk, “Just given the fact that this is something that has been around for so long, you don’t know who possibly could have gotten [exploited]. Maybe you clicked on a bad phishing email and they have access to your machine. Maybe somebody took it before even though you’ve now upgraded. I just think out of an abundance of caution, given the criticality, it’s better to just change it.”

He continued, “My number one recommendation is to just get a hardware wallet.”

How it happened

The vulnerability stemmed from a quirk in how the browser persisted the contents of the on-screen input field holding the phrase, which could leave a copy of a user's secret recovery phrase in local storage on the device's disk for some period of time (exactly how long is unknown and likely varies by device and browser). This is why MetaMask's conditions hinge on an unencrypted drive and on the phrase having been displayed on screen.

If a user entered the phrase on a compromised or otherwise untrusted device, an attacker with access to that device could have read it from that stored copy if he or she knew exactly where to look (or, more likely, used a tool built for the task).

A secret recovery phrase – also called a ‘seed phrase’ or ‘mnemonic phrase’ – is a series of words (typically 12) that users receive when they set up a wallet, and it serves as a master key should users ever need to recover their wallet or set it up on a new device.

If a person’s secret recovery phrase falls into the hands of someone malicious, he or she may use it to seize full control of that person’s funds.

MetaMask was informed of the bug in July 2021 and issued a patch in March 2022. Phantom learned of the bug in September 2021 and issued several patches to address the issue between January and April 2022.
