MetaMask Ethereum Wallet update to prevent scams
MetaMask just announced its update on 07/27/22. This update is critical because it will prevent "Wallet Drainer".
https://twitter.com/wallet_guard/status/1552329047836966915
What is Wallet Drainer
Wallet Drainer is a way to attack the wallet that, through the smart contract and links NFT project with other wallets without admitting approval from the individual signature required to each wallet.
https://twitter.com/TheOnlyNom/status/1552521385796423680
How the Wallet Drainer works are following:
- fake NFT page with an artificial countdown to create urgency
- victim connects wallet
- the program will check valuable of NFTs
- victim active the signature to transaction(s) to transfer ownership of NFTs
- program fake the "mint" and transaction will not interact with the smart contract
- the process repetitive
- Here is how technically the program works and comprehensively addresses the potential impact of this attack.
%[
How MetaMask prevents such attack
%[
With an extra step to allow the wallet to get permission for all transactions, the user has a way to stop a bundle of transactions at once without permission allow from the user side.
%[https://github.com/MetaMask/metamask-extension/pull/15010]
You may think that is no a big deal but it saves a lot of NFTs project to prevent attacking users valuable assets.
How to prevent the attack
%[https://dappradar.com/blog/how-to-prevent-scammers-from-draining-your-wallet]
- Never click on links from unidentified sources.
- Never click Google Ads for crypto services, instead go to the official website yourself.
- Always use Two-Factor Authentication (2FA) when possible. Google Authenticator is free to use, so use it.
Also, double-check the website before connecting your wallet to the suspective website.
If you want to support my writing, buy me a coffee here.
Photo by Markus Spiske on Unsplash
Note: Cross-references of this article have been created by the author and have been cross-referenced on multiple platforms here. Please reference the resources and credits here. Reach out to the authors if you have any questions.