Popular cryptocurrency wallets, including MetaMask and Phantom, were affected for several months by a critical vulnerability in their browser extensions, according to a report published on Wednesday by cybersecurity company Halborn.
The vulnerability, which appeared in September 2021 and has now been fixed, put users' funds at risk because it allowed attackers to extract wallet recovery seed phrases stored on computer disks. However, no exploits associated with the vulnerability have been reported so far.
In the report, the Halborn researchers wrote that the seed phrases generated by wallet providers were stored on users' computers in plain text as part of the "Session Recovery" function. This meant that an attacker with malware on the machine or physical access to it could read them. Halborn added that it was working with wallet vendors on fixes for the vulnerability.
MetaMask, the most popular web3 wallet on Ethereum (ETH), explained that the critical security issue affected only a "small segment of users" and that the vast majority of users were not at high risk. The MetaMask team added that it has already released measures to address the vulnerability in its latest wallet update for browsers.
Meanwhile, Phantom, the most commonly used web3 wallet on the Solana (SOL) blockchain, said it began releasing fixes back in January, three months after the vulnerability was initially flagged by Halborn. In addition, Phantom plans to release another comprehensive patch next week.