MetaMask: Large-Scale Wallet Theft Is Not Due to MetaMask Vulnerabilities

Web3 wallet MetaMask stated on Twitter today that recent tweets by @tayvano_ incorrectly claimed that large-scale wallet theft was the result of MetaMask vulnerabilities. This is not correct. Claims that 5,000 $ETH were stolen from MetaMask are also incorrect.

MetaMask developer @tayvano_ stated that there have been a large number of wallet thefts exceeding 5,000 $ETH since December 2022. The only known common point is that the keys were created between 2014 and 2022, and mainly by crypto Ogs rather than new users.

The MetaMask security team is working with other parties in the Web3 wallet field to investigate the source of this vulnerability exploit. SlowMist founder Yu Xian stated that a reasonable explanation is that private keys were indiscriminately collected in certain data, and hackers gradually discovered that there were private keys in this data.

As usual, users are advised to store seed phrases offline and securely, and to store more cryptocurrencies in hardware wallets.