Exploit targets crypto veterans, drains over $10M across 11 blockchains

Share This Post

An as-of-yet unidentified wallet-draining exploit has taken more than $10.5 million in nonfungible tokens (NFTs) and coins since December 2022 from experienced community members who were “reasonably secure.”

MetaMask developer Taylor Monahan brought the issue to light and said that at least 5,000 Ether (ETH) had been stolen, but also noted that the extent of the losses has not yet been determined. Monahan highlighted that “no one knows how” the exploit works yet.

Monahan also warned crypto veterans that the exploit is distinct from the typical phishing attempts or random scammers. It does not target newbies but rather focuses on those who are relatively experienced in safeguarding their digital assets.

According to the developer, some of the exploit’s known features are that it targets keys created from 2014 to 2022 and users who are more “crypto native” — those with multiple addresses and who work within the space.

Because of this, the developer advised those with their assets connected to a single private key to migrate their funds, split up their assets or get a hardware wallet.

Related: Hacker mints 1 quadrillion yUSDT after exploiting old Yearn.finance contract

Community member Jacky Goh commented that the unknown hack is another reminder to use a hardware wallet. Goh tweeted that those holding over $1,000 for more than a week should move their funds to a hardware wallet. This will “save you in the long run,” he said.

Meanwhile, cybersecurity and antivirus provider Kaspersky said that it detected over 5 million crypto phishing attacks in 2022, a 40% increase from 2021, when it only detected around 3.5 million attacks.

Magazine: US enforcement agencies are turning up the heat on crypto-related crime