The custodians of non-custodial cryptogamation MetaMask spent over $10.5 million through an unknown pardon.
For the past 48hrs I’ve been unwinding a massive wallet draining operation 😳😭
I don’t know how big it is but since Dec 2022 it’s drained 5000+ ETH and ??? in tokens / NFTs / coins across 11+ chains.
Its rekt my friends & OGs who are reasonably secure.
No one knows how. pic.twitter.com/MafntG7RkP
— Tay 💖 (@tayvano_) April 18, 2023
MetaMask retailer Taylor Monahan said that from March 2022, we will be able to help the attacker win over 5000 ETH for that unknown amount of tokens from 11 different blockchains.
Behind Monahan’s words, none of the teams know how the exploit works, so it’s impossible to determine the exact size of the hits.
Taylor Monahan
As a result of investigations, the attacker of destinations on addresses, as it happened in the period from 2014 to 2022.
As a rule, after a few years after the first evil, the hacker turns around to get the assets that he has lost, while exchanging tokens for Ethereum. Approximately in a week, the attacker converts the stolen coins into bitcoin and sends the coins to the cryptomixer.
Monahan was also ahead of the curve that the exploit was nothing like the typical phishing or scam. Rather than targeting “crypto veterans”, as if they could protect their digital assets.
My best guess rn is that someone has got themselves a fatty cache of data from 1+ yr ago & is methodically draining the keys as they parse them from the treasure trove.
But that’s just a guess. I *don’t* know.
It is NOT cryptographic/entropy related tho, don’t waste your time.
— Tay 💖 (@tayvano_) April 18, 2023
“My best excuse is to take off the fat data collection more than the fate and to methodically draw the keys, if the coristuvachi look at them in their gamanci. […] Nothing to do with cryptography or entropy, don’t waste your time,” Monahan said.
With the help of security, retailers pleased the investors to spread the coins at different addresses and get the appartment gamanets.
Guessing, the fierce MetaMask team ahead of about phishing attacks and detailed company address.
At the birch, gamantsya retailers corrected the pardon privacy, which was blamed for interaction with decentralized add-ons.