Cryptocurrency wallet provider MetaMask has denied allegations that a vulnerability in its wallet led to a massive wallet-draining operation, resulting in the loss of over 5,000 Ether. These claims emerged after a series of tweets by Taylor Monahan, the founder of Ethereum wallet manager MyCrypto, detailed an unidentified exploit that has stolen over $10.5 million in crypto and nonfungible tokens (NFTs) since December 2022.
Details of the Wallet-Draining Operation
MetaMask clarified that the wallet-draining operation did not result from a specific MetaMask exploit, stating that the 5,000 ETH were stolen "from various addresses across 11 blockchains." Wallet Guard co-founder Ohm Shah explained that the MetaMask team has been working tirelessly to understand the issue, with numerous independent security researchers also investigating the exploit. Shah speculated that a possible cause could be a private key or seed phrase leak.
Ongoing Investigation and Collaboration with Web3 Wallet Space
MetaMask's security team is actively researching the source of the exploit, collaborating with others in the Web3 wallet space to uncover the cause. Monahan's initial claim that the attacker targeted long-time MetaMask users and employees was later amended, clarifying that the exploit is not MetaMask-specific and has impacted users of all wallets, including those created on hardware wallets.
