MetaMask, a popular Ethereum wallet, has denied recent reports which suggested that a substantial wallet-draining operation resulted from a platform vulnerability. The wallet provider clarified on Twitter that the operation was not a MetaMask-specific exploit, adding that the claim of 5,000 ETH being hacked from MetaMask was incorrect.
MetaMask posted the following on Twitter in response to the incorrect claim:
Recent reporting on @tayvano_’s thread has incorrectly claimed that a massive wallet draining operation is a result of a MetaMask exploit.
This is incorrect. This is not a MetaMask-specific exploit. https://t.co/MiJ3QgslMy
— MetaMask 🦊💙 (@MetaMask) April 18, 2023
The provided data indicated that 5,000 ETH was stolen from various addresses across 11 different blockchains. The company has said its security team is currently collaborating with other web3 wallet providers to investigate the source of the exploit.
A Twitter user, Tay, was the first to share a detailed account of the wallet-draining operation, stating that over 5,000 ETH and an unknown amount of tokens, NFTs, and coins have been drained across 11 blockchains since December 2022. According to the user, the thefts have impacted users of all wallets, including those created on hardware wallets or generated for the Ethereum presale, and the source of the exploit remains unidentified.
Significantly, the attacker seems to target assets held under a single key or secret phrase, often missing staked positions, NFTs, or lesser-known tokens. Tay urged users to split up their assets, use hardware wallets, and migrate their funds to protect themselves.
The drained funds typically pass through various addresses, sometimes through other victims’ accounts, before being consolidated and moved out. The attacker often uses centralized swapping platforms such as FixedFloat, SimpleSwap, SideShift, ChangeNOW, and LetsExchange to convert the stolen funds to Bitcoin. The final destination for the funds involves various crypto mixers, including Coinomize, Wasabi, and CryptoMixer.
In light of the ongoing investigation, MetaMask reminds users to store their Secret Recovery Phrase securely offline and keep larger amounts of cryptocurrency in hardware wallets for additional protection.