Pages:
Author

Topic: metamask security - page 2. (Read 382 times)

hero member
Activity: 1442
Merit: 775
July 12, 2022, 07:24:47 PM
#4
Revoke Smart Contract Allowance with unrekt.net

On some web3 sites, you will have to connect your wallet and approve access to its key to make transactions. The approve step is dangerous and hacker can use that access to steal your money. If you have an active wallet with history of transactions, you will see there are some hidden (in grey color) tokens that airdropped to your wallet. Their tokens are unverified and I can tell you most of unverified tokens by block explorers (Etherscan.io or bscscan.com) are scam tokens.

You should revoke smart contract allowance to avoid unwanted access to your fund. If you ever click on unverified tokens, give them access, you should move your fund to a new wallet with new mnemonic seed as soon as possible.
copper member
Activity: 2856
Merit: 3071
https://bit.ly/387FXHi lightning theory
July 12, 2022, 04:34:12 PM
#3
Nothing can be stolen from you until you hit to get a transaction processed.

It's a good idea though not to connect to anywhere you don't trust/doesn't have a big audience and will stop you from making that mistake.
legendary
Activity: 2114
Merit: 2248
Playgram - The Telegram Casino
July 12, 2022, 04:10:14 PM
#2
does this mean if wallet is accessed by hacker that they can then access connected sites ?
How I see it, shouldn't you be more worried about your wallet being accessed through a vulnerability in the connected websites, that the other way around?
AFAIK, a vulnerability on either side can lead to a breach into the other; so if your wallet is accessed by a hacker they can gain access to connected sites. Also, if you link your wallet to a malicious site, it could lead to a breach in your wallet security.
jr. member
Activity: 50
Merit: 2
July 12, 2022, 04:00:19 PM
#1

    Hi all . re: m.mask security ...... if you have very small/low risk funds in m.mask wallet , as recommended , but from a phishing/hacking perspective , you have : connected sites : to wallet , does this mean if wallet is accessed by hacker that they can then access connected sites ?
Pages:
Jump to: