menuIcon
$ 94,959.7
BTC
$ 94,959.7
0.22 %
$ 1,822.37
ETH
$ 1,822.37
0.68 %
$ 0.7122
ADA
$ 0.7122
-1.80 %
$ 609.99
BNB
$ 609.99
0.72 %
$ 148.94
SOL
$ 148.94
-1.71 %
Usha Yadav
Jun 16, 2022
by Usha Yadav

MetaMask and Phantom Fix Browser Extension Vulnerability

browser extension

Table of contents

  1. Security Flaw Affected Small Fraction of Users
According to research released on Wednesday by cybersecurity firm Holborn, popular crypto wallets such as MetaMask and Phantom have been plagued by a severe vulnerability in their browser extension software for months. Hackers were able to obtain wallet recovery seed phrases saved on computer discs, putting users' assets in danger. The vulnerability, which dates back to September 2021 and has already been addressed, puts users' funds at risk. However, no exploits linked to the issue have been reported as of yet.

The seed phrases supplied by wallet providers were retained in plain text on customers' PCs as part of the "Restore Session" feature, according to Halborn's researchers. This means that bad actors may use software or physical access to get access. According to Halborn, they worked with wallet providers to patch their wallets against the vulnerability.

 

Security Flaw Affected Small Fraction of Users

The most popular Web3 Ethereum wallet, MetaMask, stated that the significant security flaw only affected a "small fraction of users" and that the great majority of users were not at risk. There may be a "situation where user keys are found unencrypted on disc in unusual edge scenarios," according to the MetaMask blog. It has also released mitigations for its most recent browser extension version. Meanwhile, Phantom, the most popular web3 wallet on the Solana blockchain, announced that it began distributing remedies in January, three months after Halborn first identified the flaw. Phantom also stated that another comprehensive patch would be released next week.

Follow us on: News
MetaMask Phantom CryptoWallets
MetaMask and Phantom Fix Browser Extension Vulnerability
Usha Yadav
Usha is a diehard crypto enthusiast and has been actively writing on different facets of the blockchain and crypto world. She has authored many research articles on cryptocurrency and aims to provide informational and quality content to readers. She firmly believes that crypto has a great potential to redefine the world of finance and blockchain.

Top Picks