Bitcoin Forum>Alternate cryptocurrencies>Marketplace (Altcoins)>Service Discussion (Altcoins)
Author

Topic: MetaMask Wallet - Wallet penetration (Read 143 times)

batang_bitcoin
hero member
Activity: 3080
Merit: 603
MetaMask Wallet - Wallet penetration
February 23, 2021, 04:27:23 PM
#13
Quote from: toyo87 on February 23, 2021, 04:16:00 AM
Quote from: batang_bitcoin on February 22, 2021, 05:16:58 PM
Maybe you've become a phishing victim and input elsewhere your private keys or json file to that phishing link. If not, that router, it's the first time to hear it although I've used Metamask a few times but didn't have any chance of using it.
Is that another third-party add-on for the wallet that you have downloaded? the possible chance that you've lost it because of it is high.


I have done thorough research on my meatball plugin and there is no record of me connecting to new site nor connecting to metamask swap router,  but on Etherscan Approve Checker there is record of metamask swap router.
Well, then you know who's the suspect for the stealing of your funds. Be careful on downloading plugins because there were posts before that everyone should be careful with such. It's a very important thing that you should know what you download and always be doubtful to use it if it's not familiar or popular. I've used Metamask before and it's just smooth but without downloading any other plugins. If the vulnerability is with Metamask, there's no need for you to stay on it, and sad to say that there's no way to get back what was lost to you.

Quote from: toyo87 on February 23, 2021, 04:16:00 AM
When I check the penetrating address, it is still stealing from other wallet as of 24hours ago. Leaving zero balance ETH on all the victims. Not even a gwei is left.
Whoever is behind it, he will not stop as long as there are possible victims he'll get.
OasisDre
member
Activity: 532
Merit: 41
Re: MetaMask Wallet - Wallet penetration
February 23, 2021, 05:07:19 AM
#12
The question is how did the swap router get connected on your app without your authorization? This is weird, is metamask team behind this attack? Have you try reaching out to the team? There is no reason for the team to steal that amount of tokens this way, get in touch with the team and hear them out
toyo87
full member
Activity: 738
Merit: 100
Follow on Twitter @realToyoTheo
Re: MetaMask Wallet - Wallet penetration
February 23, 2021, 04:24:32 AM
#11
On your end, MetaMask wallet Plugin keeps records of all web3 sites and dapp your wallet have connected with.

Finding unrecorded connection through Etherscan (which is not recorded by your plugin), shows the wallet is Vulnerable.

I am keeping records of every review and screenshot of my findings on the MetaMask attack.
toyo87
full member
Activity: 738
Merit: 100
Follow on Twitter @realToyoTheo
Re: MetaMask Wallet - Wallet penetration
February 23, 2021, 04:23:33 AM
#10
The address that attack my MetaMask wallet, is still going on penetrating other wallet and withdrawing their ETH to ZERO balance.
toyo87
full member
Activity: 738
Merit: 100
Follow on Twitter @realToyoTheo
Re: MetaMask Wallet - Wallet penetration
February 23, 2021, 04:21:15 AM
#9
The process of the attack on my MetaMask Wallet.

1. My wallet received 0.02ETH from unknown address.
2. My wallet immediately trigger a contract.
3. 0.039879773752756ETH withdrawn to the unknown wallet address.
4. The unknown wallet address sent several ETH to my address again.
5. My wallet trigger the same contract again.
6. My wallet then trigger the MetaMask Swap Router and swapped my 500 SWAP tokens for ETH.
7. All available ETH on my wallet was withdrawn to the tune of 0.71517927781594 to the same unknown wallet address.

MY OBSERVATION: This is not an outside attack on my wallet but inside job/vulnerability on MetaMask wallet.

If it was an on my PC, there will be no need for the person to send me ETH and then connect to a Contract, and then send ETHs again and then Swap valuable Token on MetaMask Swap Router and then withdraw all available ETH to the extent that there is no single GWEI in my wallet.



#MetaMask #StaySafe #Vulnerability #MetaMaskIsNotSafeForNow
slaman29
legendary
Activity: 2674
Merit: 1226
Livecasino, 20% cashback, no fuss payouts.
Re: MetaMask Wallet - Wallet penetration
February 23, 2021, 04:18:00 AM
#8
I've to admit I'm not technical enough to understand what happened but if it is true that there was no tampering then the most likely explanation to me is that someone got hold of the seed phrase and simply just restored the wallet somewhere else and used it from another device?
toyo87
full member
Activity: 738
Merit: 100
Follow on Twitter @realToyoTheo
Re: MetaMask Wallet - Wallet penetration
February 23, 2021, 04:16:00 AM
#7
Quote from: batang_bitcoin on February 22, 2021, 05:16:58 PM
Maybe you've become a phishing victim and input elsewhere your private keys or json file to that phishing link. If not, that router, it's the first time to hear it although I've used Metamask a few times but didn't have any chance of using it.
Is that another third-party add-on for the wallet that you have downloaded? the possible chance that you've lost it because of it is high.


I have done thorough research on my meatball plugin and there is no record of me connecting to new site nor connecting to metamask swap router,  but on Etherscan Approve Checker there is record of metamask swap router.

When I check the penetrating address, it is still stealing from other wallet as of 24hours ago. Leaving zero balance ETH on all the victims. Not even a gwei is left.
TheUltraElite
legendary
Activity: 2898
Merit: 1253
So anyway, I applied as a merit source :)
Re: MetaMask Wallet - Wallet penetration
February 23, 2021, 01:55:40 AM
#6
Quote from: makishart on February 22, 2021, 11:51:02 AM
Im sorry for your lose but you should learn if metamask has a lot of bugs and it seems like the hacker has access to your wallet. Metamask is the crap wallet that ever exist in ethereum ecosystem. You should never use this again. Move to the mobile or desktop wallet.
I dont think that is the case. OP has probably been a victim of a phishing scam. These are too sophisticated to detect only from the transaction data posted by the OP.

Even then, let me ask, did the OP click on any suspicious link in the last 6days - because that is when these have started. Logging in from a hacked extension can also be the case.

There is only one legit Metamask extension and hackers have attempted to hijack systems running vulnerable software to get access to them. Metamask itself is not the problem. OP might be running a older version of the OS and older vulnerable version of a browser, maybe not on their phone but on other devices.
batang_bitcoin
hero member
Activity: 3080
Merit: 603
Re: MetaMask Wallet - Wallet penetration
February 22, 2021, 05:16:58 PM
#5
Maybe you've become a phishing victim and input elsewhere your private keys or json file to that phishing link. If not, that router, it's the first time to hear it although I've used Metamask a few times but didn't have any chance of using it.
Is that another third-party add-on for the wallet that you have downloaded? the possible chance that you've lost it because of it is high.
agustina2
legendary
Activity: 2436
Merit: 1008
Re: MetaMask Wallet - Wallet penetration
February 22, 2021, 03:49:20 PM
#4
Quote from: toyo87 on February 22, 2021, 01:59:52 AM
My MetaMask Wallet was #penetrated and all valuable asset swapped through the "MetaMask Swap Router" contracts and all my ETH was depleted to ZERO BALANCE.

With the high gas price, why the possible hacker will do some transfer by batches if that can be done in a single transaction.

What research have you already done on that matter?
Mighty_crypt
member
Activity: 784
Merit: 21
Re: MetaMask Wallet - Wallet penetration
February 22, 2021, 01:53:19 PM
#3
Should we blame metamask for this? I don't think so, for the fact that you are using any crypto wallet as plugin/add-on on your phone makes its so unsafe, you have no idea what's lurking around browser plugins and add-ons, I've seen the worst and I knew that add-ons are safe, I'm using metamask but that's their mobile app only, sorry for your loss
makishart
legendary
Activity: 3108
Merit: 1029
Re: MetaMask Wallet - Wallet penetration
February 22, 2021, 11:51:02 AM
#2
Im sorry for your lose but you should learn if metamask has a lot of bugs and it seems like the hacker has access to your wallet. Metamask is the crap wallet that ever exist in ethereum ecosystem. You should never use this again. Move to the mobile or desktop wallet.
toyo87
full member
Activity: 738
Merit: 100
Follow on Twitter @realToyoTheo
Re: MetaMask Wallet - Wallet penetration
February 22, 2021, 01:59:52 AM
#1
My MetaMask Wallet was #penetrated and all valuable asset swapped through the "MetaMask Swap Router" contracts and all my ETH was depleted to ZERO BALANCE.

I have checked my wallet on connected App and I found out MetaMask Swap Router is connected. This was not authorized by me.

And

For my #ETH to be withdrawn to ZERO balance,  this is not an outside attack on my wallet.


My wallet address: 0x6e82Dfba66Bb9E55E287A1B98C2179Acd94d5C3c

Screenshots of my wallet.









Bitcoin Forum>Alternate cryptocurrencies>Marketplace (Altcoins)>Service Discussion (Altcoins)
Jump to: