According to MetaMask developer @tayvano_, over 5,000 Ethereum (ETH) and unknown quantities of tokens and NFTs have been stolen from multiple chains in ongoing hacks since late last year.
“I don’t know the scale, but since December 2022, over 5000 ETH has been exfiltrated, ??? tokens/NFTs/coins across 11+ chains.“
of Developer He added that he has been investigating for the past two days and cannot determine how the attackers are conducting the theft. Moreover, all victimsA reasonably safe OG. “
OG Targeted in Sophisticated MetaMask Heist
@tayvano_ pointed out that this is a sophisticated attack intentionally targeting OG and reiterated that no one can figure out where the exploit is.
“This is not a vulgar phishing site nor random scammers. It does not rekt a single noob. Only rejects OG.”
Examination of forensic devices led nowhere. Further investigation into the method used to access the victim’s MetaMask wallet has stalled.
The commonality between the cases is that the keys were created between 2014 and 2022, and that the victims have multiple addresses and are “crypto natives,” such as working in the crypto industry.
The hacker will make a “primary” theft, and a few hours later a “secondary” theft, collecting assets and dust that were missed in the first heist.
In the case of a large-scale theft, attackers swap assets for ETH within the wallet and send tokens to centralized swappers such as SimpleSwap or ChangeNOW. Always swap to Bitcoin (BTC).
The swapped BTC will be held for 1 week and the funds will be sent to the mixer for address obfuscation.
Tips for staying safe
@tayvano_ speculates that the attacker obtained the data cache from the victim’s device. It can be used to abstract the MetaMask key, but he stresses that this is “just speculation.”
“My guess is that someone grabbed a large cache of data that was over a year old and methodically drained the keys as they parsed them from the treasure trove.“
Developers warn MetaMask users not to store all their digital assets in a single wallet key. Instead, you should split your crypto into multiple keys or keep your assets in a hardware wallet.
“Don’t keep all your assets under a single key or secret phrase for years. The end.“
Post Crypto Veteran Targeted in Mysterious MetaMask Heist – Stolen 5,000 ETH first appeared on CryptoSlate.
