Fun

Hackers Are Cloning Web3 Wallets Like Metamask and Coinbase Wallet to Steal Crypto

News Feed - 2022-06-15 04:06:54

Hackers Are Cloning Web3 Wallets Like Metamask and Coinbase Wallet to Steal Crypto


Confiant, an advertising security agency, has found a cluster of malicious activity involving distributed wallet apps, allowing hackers to steal private seeds and acquire the funds of users via backdoored imposter wallets. The apps are distributed via cloning of legitimate sites, giving the appearance that the user is downloading an original app. Malicious Cluster Targets Web3-Enabled Wallets Like Metamask


Hackers are becoming more and more creative when engineering attacks to take advantage of cryptocurrency users. Confiant, a company that is dedicated to examining the quality of ads and the security threats these might pose to internet users, has warned about a new kind of attack affecting users of popular Web3 wallets like Metamask and Coinbase Wallet.


The cluster, that was identified as “Seaflower,” was qualified by Confiant as one of the most sophisticated attacks of its kind. The report states that common users cannot detect these apps, as they are virtually identical to the original apps, but have a different codebase that allows hackers to steal the seed phrases of the wallets, giving them access to the funds. Distribution and Recommendations


The report found out that these apps are distributed mostly outside regular app stores, through links found by users in search engines such as Baidu. The investigators state that the cluster must be of Chinese origin due to the languages in which the code comments are written, and other elements like infrastructure location and the services used.


The links of these apps reach popular places in search sites due to the intelligent handling of SEO optimizations, allowing them to rank high and fooling users into believing they are accessing the real site. The sophistication in these apps comes down to the way in which the code is hidden, obfuscating much of how this system works.


The backdoored app sends seed phrases to a remote location at the same time that it is being constructed, and this is the main attack vector for the Metamask imposter. For other wallets, Seaflower also uses a very similar attack vector.


Experts further made a series of recommendations when it comes to keeping wallets in devices secure. These backdoored applications are only being distributed outside app stores, so Confiant advises users to always try to install these apps from official stores on Android and iOS. Tags in this story Backdoor, Coinbase Wallet, Hackers, metamask, seaflower, seed phrases, Wallets, Web3


What do you think about the backdoored Metamask and Web3 wallets? Tell us in the comments section below. Sergio Goschenko


Sergio is a cryptocurrency journalist based in Venezuela. He describes himself as late to the game, entering the cryptosphere when the price rise happened during December 2017. Having a computer engineering background, living in Venezuela, and being impacted by the cryptocurrency boom at a social level, he offers a different point of view about crypto success and how it helps the unbanked and underserved. Report: Celsius Seeks Help From Restructuring Lawyers Over Financial Hardship NEWS | 3 hours ago Coinbase Reduces the Size of the Firm"s Workforce by 18% NEWS | 15 hours ago


Image Credits: Shutterstock, Pixabay, Wiki Commons, photo_gonzo Previous articleReport: Celsius Seeks Help From Restructuring Lawyers Over Financial Hardship Disclaimer: This article is for informational purposes only. It is not a direct offer or solicitation of an offer to buy or sell, or a recommendation or endorsement of any products, services, or companies. Bitcoin.com does not provide investment, tax, legal, or accounting advice. Neither the company nor the author is responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods or services mentioned in this article. Read disclaimerShow comments More Popular NewsIn Case You Missed ItTony Hawk"s Latest NFTs to Come With Signed Physical Skateboards


Last December, the renowned professional skateboarder Tony Hawk released his “Last Trick” non-fungible token (NFT) collection via the NFT marketplace Autograph. Next week, Hawk will be auctioning the skateboards he used during his last tricks, and each of the NFTs ... read more.Today"s Top Ethereum and Bitcoin Mining Devices Continue to Rake in Profits Australia to List Bitcoin ETF After 4 Clearinghouse Participants Commit to Meet Stringent Margin Terms Survey: Adoption in Argentina Grows, With 12 out of 100 Adults Having Invested in Crypto Ethereum Foundation"s Financial Report Discloses It Holds $1.6 Billion in Assets, 80.5% Held in Ether

News Feed
Helen Partz13 hours agoCoinbase suspends 80 non-USD trading pairs to improve liquidityCoinbase crypto exchange has been removing dozens of trading pairs in an effort to improve liquidity on its platforms.3923 Total views
2023-10-17 19:06 PM
Elon Musk Hints Tesla Owns About 42K Bitcoins
Elon Musk Hints Tesla Owns About 42K Bitcoins Tesla CEO Elon Musk has hinted how many bitcoins Tesla owns after revealing that the fair market value of its bitco
2021-07-29 20:00 PM
Korean Government to Adopt Cryptocurrency Tracking System Within 5 Months
Korean Government to Adopt Cryptocurrency Tracking System Within 5 Months The South Korean government will adopt a cryptocurrency tracking system within the first half of this year
2023-01-31 12:30 PM
Bitcoin’s Mining Difficulty Change Prints 2022’s Second Largest Increase — Metric Nears All-Time High
Bitcoin’s Mining Difficulty Change Prints 2022’s Second Largest Increase — Metric Nears All-Time High On Wednesday, Bitcoin’s mining difficulty jumped 9.26% higher, re
2022-09-01 02:30 AM
Finance Committee Approves Legislation Delaying Crypto Tax in South Korea
Finance Committee Approves Legislation Delaying Crypto Tax in South Korea Changes meant to postpone the introduction of a tax on virtual assets such as cryptocurrencies in South Ko
2021-12-01 02:30 AM
50 Companies Back New Cryptocurrency Project Competing With Facebook’s Libra
50 Companies Back New Cryptocurrency Project Competing With Facebook"s Libra Some members of the Libra Association are now backing a rival project called Celo, which has its own
2020-03-13 14:55 PM
Turner Wright2 hours agoSEC embroiled in court cases; Hester Peirce says crypto firms shouldn’t give up on USThe commissioner said she had seen awareness and knowledge of digital assets grow in her five years at the SE
2023-09-19 06:36 AM
European Union to Regulate Stablecoins, Not Issue Its Own: Source
The European Union is taking a closer look at how to regulate stablecoins, but has no plans to issue one of its own. A group within the EU presidency is working on a draft political
2019-11-07 04:00 AM
European Crypto Exchange Hacked for $5.4 Million in Bitcoin
European Crypto Exchange Hacked for $5.4 Million in BitcoinEterbase, a Slovak cryptocurrency exchange, revealed Thursday that it had been hacked for $5.4 million. Cyber-criminals br
2020-09-11 15:00 PM
Decentralised Socialfi Platform Boom Live on App Store, Unveiling Two NFT Airdrops
Decentralised Socialfi Platform Boom Live on App Store, Unveiling Two NFT Airdrops sponsored Decentralised socialfi platform Boom has announced the launch of its application on theA
2022-02-17 07:00 AM
Ana Paula Pereira15 hours agoFirst Bitcoin futures contract debuts in ArgentinaAccording to Matba Rofex, the trading platform behind the investment vehicle, the first Bitcoin futures contract in Latin America has begun t
2023-07-14 02:50 AM
Crypto Analyst Says Bitcoin Price Is Approaching Strongest Part Of The Bull Run, Here’s The Target
Este artículo también está disponible en español. Crypto analyst Tony Severino has said that the Bitcoin priceis approaching the strongest part of the bull run. Based on
2024-10-31 01:00 AM