Fun

Hackers Are Cloning Web3 Wallets Like Metamask and Coinbase Wallet to Steal Crypto

News Feed - 2022-06-15 04:06:54

Hackers Are Cloning Web3 Wallets Like Metamask and Coinbase Wallet to Steal Crypto


Confiant, an advertising security agency, has found a cluster of malicious activity involving distributed wallet apps, allowing hackers to steal private seeds and acquire the funds of users via backdoored imposter wallets. The apps are distributed via cloning of legitimate sites, giving the appearance that the user is downloading an original app. Malicious Cluster Targets Web3-Enabled Wallets Like Metamask


Hackers are becoming more and more creative when engineering attacks to take advantage of cryptocurrency users. Confiant, a company that is dedicated to examining the quality of ads and the security threats these might pose to internet users, has warned about a new kind of attack affecting users of popular Web3 wallets like Metamask and Coinbase Wallet.


The cluster, that was identified as “Seaflower,” was qualified by Confiant as one of the most sophisticated attacks of its kind. The report states that common users cannot detect these apps, as they are virtually identical to the original apps, but have a different codebase that allows hackers to steal the seed phrases of the wallets, giving them access to the funds. Distribution and Recommendations


The report found out that these apps are distributed mostly outside regular app stores, through links found by users in search engines such as Baidu. The investigators state that the cluster must be of Chinese origin due to the languages in which the code comments are written, and other elements like infrastructure location and the services used.


The links of these apps reach popular places in search sites due to the intelligent handling of SEO optimizations, allowing them to rank high and fooling users into believing they are accessing the real site. The sophistication in these apps comes down to the way in which the code is hidden, obfuscating much of how this system works.


The backdoored app sends seed phrases to a remote location at the same time that it is being constructed, and this is the main attack vector for the Metamask imposter. For other wallets, Seaflower also uses a very similar attack vector.


Experts further made a series of recommendations when it comes to keeping wallets in devices secure. These backdoored applications are only being distributed outside app stores, so Confiant advises users to always try to install these apps from official stores on Android and iOS. Tags in this story Backdoor, Coinbase Wallet, Hackers, metamask, seaflower, seed phrases, Wallets, Web3


What do you think about the backdoored Metamask and Web3 wallets? Tell us in the comments section below. Sergio Goschenko


Sergio is a cryptocurrency journalist based in Venezuela. He describes himself as late to the game, entering the cryptosphere when the price rise happened during December 2017. Having a computer engineering background, living in Venezuela, and being impacted by the cryptocurrency boom at a social level, he offers a different point of view about crypto success and how it helps the unbanked and underserved. Report: Celsius Seeks Help From Restructuring Lawyers Over Financial Hardship NEWS | 3 hours ago Coinbase Reduces the Size of the Firm"s Workforce by 18% NEWS | 15 hours ago


Image Credits: Shutterstock, Pixabay, Wiki Commons, photo_gonzo Previous articleReport: Celsius Seeks Help From Restructuring Lawyers Over Financial Hardship Disclaimer: This article is for informational purposes only. It is not a direct offer or solicitation of an offer to buy or sell, or a recommendation or endorsement of any products, services, or companies. Bitcoin.com does not provide investment, tax, legal, or accounting advice. Neither the company nor the author is responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods or services mentioned in this article. Read disclaimerShow comments More Popular NewsIn Case You Missed ItTony Hawk"s Latest NFTs to Come With Signed Physical Skateboards


Last December, the renowned professional skateboarder Tony Hawk released his “Last Trick” non-fungible token (NFT) collection via the NFT marketplace Autograph. Next week, Hawk will be auctioning the skateboards he used during his last tricks, and each of the NFTs ... read more.Today"s Top Ethereum and Bitcoin Mining Devices Continue to Rake in Profits Australia to List Bitcoin ETF After 4 Clearinghouse Participants Commit to Meet Stringent Margin Terms Survey: Adoption in Argentina Grows, With 12 out of 100 Adults Having Invested in Crypto Ethereum Foundation"s Financial Report Discloses It Holds $1.6 Billion in Assets, 80.5% Held in Ether

News Feed

Solana Could Target $220 If It Holds Current Levels – Analyst Expects Short-Term Bullish Momentum
Este artículo también está disponible en español. Solana is trading above the crucial $200 level after enduring days of extreme volatility and heavy selling pressure. Des
Binance Is Hunting for a New CEO — Exchange’s US Venture ‘Looks at Potential IPO Route’
Binance Is Hunting for a New CEO — Exchange"s US Venture "Looks at Potential IPO Route" Binance CEO Changpeng “CZ” Zhao has explained in a recent i
Dogecoin Demand Slumps—Nearly 70% Drop In Open Interest Raises Concerns
Este artículo también está disponible en español. Investor enthusiasm for Dogecoin is sharply declining. Over 67% of the open interest on the meme coin has decreased in t
Record-Breaking Bitcoin Surge Post-Trump Election: Futures Market Hints At More To Come
The futures market is signaling that the current Bitcoin rally, spurred by Donald Trump’s recent election victory on Tuesday, might be starting. Accordingto Vetle Lunde, head of research at K33 Research, the electi
Canadian Restaurant Chain Tahini’s Converts All Cash Reserves Into Bitcoin
Canadian Restaurant Chain Tahini"s Converts All Cash Reserves Into BitcoinCanada-based Middle Eastern restaurant chain Tahini’s has converted all of its cash reserves into bit
Ampleforth introduces ‘low-volatility’ alternative to fiat stablecoins
Vince Quill7 hours agoAmpleforth introduces ‘low-volatility’ alternative to fiat stablecoinsCoinbase Ventures provided $1 million in funding for the new digital asset that tracks the Consumer Price Index, offsetting
David Attlee8 hours agoJapan Blockchain Association demands tax cuts for cryptoAdvocates of the crypto industry in Japan demand the revision of the national tax regime for digital assets.4775 Total views6 Total sharesLis
Panic Or Opportunity? Dogecoin Whales Liquidate 100 Million Coins
Este artículo también está disponible en español. The crypto market is paying attention to a massive Dogecoin (DOGE) transaction. A whale transferred 100 million DOGE, or
CME’s Bitcoin Friday Futures launch with 31K contracts on day one
Ana Paula Pereira5 hours agoCME’s Bitcoin Friday Futures launch with 31K contracts on day oneCME’s new derivatives product allows market participants to hedge or speculate on Bitcoin price movements in the short term
Tesla CEO Elon Musk Says Inflation Has Peaked — But We’ll Have a Recession for 18 Months
Tesla CEO Elon Musk Says Inflation Has Peaked — But We"ll Have a Recession for 18 Months Tesla CEO Elon Musk believes inflation has peaked and the U.S. economy will be in a reces
Ana Paula Pereira6 hours agoNew York AG probes transactions at Genesis, ties with Barry Silbert: ReportDigital Currency Group (DCG) is reportedly under investigation in New York for financial transactions involving its s
Firstderivative Yield Farming Project Is Now Live With x10 Bonus
Firstderivative Yield Farming Project Is Now Live With x10 BonusThe latest trends at the cryptocurrency market are largely characterized by DeFi gaining more momentum and the upcomi