Crypto veterans targeted in mysterious MetaMask heists – 5k ETH stolen


More than 5,000 Ethereum (ETH) and an undetermined quantity of tokens and NFTs have been stolen across multiple chains in an ongoing hack since late last year, said MetaMask dev @tayvano_.

“I don’t know how big it is but since Dec 2022 it’s drained 5000+ ETH and ??? in tokens / NFTs / coins across 11+ chains.“

The dev added that he has been investigating for the last two days but cannot determine how the attacker is carrying out the thefts. Moreover, the victims are all “OGs who are reasonably secure.”

OGs targetted in sophisticated MetaMask heist

@tayvano_ pointed out that this is a sophisticated attack deliberately targeting OGs, reiterating that no one can work out where the exploit lies.

“This is NOT a low-brow phishing site or a random scammer. It has NOT rekt a single noob. It ONLY rekts OGs.”

Forensic device examination has led nowhere — further stumping investigations into the method used to access the victims’ MetaMask wallet.

The commonalities between cases were the keys were created between 2014 and 2022, and victims are “crypto native,” such as possessing multiple addresses and working within the crypto industry.

The hacker will commit “primary” thefts, with “secondary” thefts following hours later to collect assets and dust missed during the initial heist — sometimes weeks or months later.

In the case of large thefts, the attacker will swap assets into ETH inside the wallet, then send the tokens to a centralized swapper, including SimpleSwap and ChangeNOW — always swapping into Bitcoin (BTC).

Sitting on the swapped BTC for a week, the funds are sent to a mixer for address obfuscation.

Tips on staying safe

@tayvano_ speculates that the attacker has acquired a data cache from the victims’ device. Using this, they can abstract the MetaMask keys — but he stresses that this is “just a guess.”

“My best guess rn is that someone has got themselves a fatty cache of data from 1+ yr ago & is methodically draining the keys as they parse them from the treasure trove.“

The dev cautions MetaMask users to avoid storing all their digital assets on a single wallet key. Instead, people should split their crypto across multiple keys or hold assets on a hardware wallet.

“PLEASE DON’T KEEP ALL YOUR ASSETS IN A SINGLE KEY OR SECRET PHRASE FOR YEARS. THE END.“

The post Crypto veterans targeted in mysterious MetaMask heists – 5k ETH stolen appeared first on CryptoSlate.



Source

Recommended For You

About the Author: wp4crypto

Leave a Reply

Your email address will not be published. Required fields are marked *