An attacker has drained “hundreds” of crypto wallets on Ethereum Virtual Machine (EVM) chains, siphoning small sums from each victim in what onchain investigator ZachXBT described as a broad but low-value exploit.
The losses appear limited on a per-wallet basis, with each victim losing less than $2,000, according to . The activity has affected wallets on several EVM-compatible networks, indicating a widespread incident rather than isolated to a single blockchain.
A fraudulent email disguised as legitimate communication from Web3 wallet MetaMask could have been the vehicle for the attack, cybersecurity researcher Vladimir S., who cited a clue left by another pseudonymous X user.
“This looks like automated, wide-net exploitation,” cybersecurity provider Hackless , warning users to revoke smart contract approvals and continue monitoring their wallets.
The widespread wallet drain attacker is potentially linked to the that occurred on Christmas, Vladimir S. said, another pseudonymous X user.
The incident highlights the need for crypto holders to to protect their funds and sensitive information from constant and evolving cybersecurity threats.
Related:
The Trust Wallet was hacked on Dec. 25, causing $7 million in losses. in the incident, according to Trust Wallet.
The incident likely occurred due to the “Sha1-Hulud” in November, which compromised npm software packages commonly used by crypto projects to build blockchain applications, according to Trust Wallet’s incident .
Developer “secrets” were leaked from Trust Wallet’s GitHub, which gave the attacker access to the wallet’s browser extension source code.
The hacker then uploaded a malicious version of the extension to the Chrome Web Store, disguised as the legitimate extension.
“This kind of ‘hack’ is not natural. The chances of an insider are high,” intergovernmental blockchain adviser Anndy Lian .
Binance co-founder and former CEO Changpeng “CZ” Zhao agreed that the incident may have been due to an insider with deep knowledge of Trust Wallet’s source code. Binance owns Trust Wallet.
Trust Wallet’s Google Chrome web-based browser extension was targeted in the attack, but the mobile application was unaffected, and Binance agreed to reimburse users for losses.
Magazine:
