‘Demonic’ Threat Looms Large Over Crypto Wallets, Metamask and Phantom Deploy Security Patches

If Demonic was to latch on-to a crypto wallet, it could lead to the wallet’s hostile takeover.

‘Demonic’ Threat Looms Large Over Crypto Wallets, Metamask and Phantom Deploy Security Patches

Photo Credit: Reuters

People who use crypto wallets via browsers must migrate to a new set of accounts

Highlights
  • The vulnerability has been in existence since 2021
  • Discussions have opened around it to make people aware
  • Brave and other affected wallets yet to release statement

A cyber vulnerability, codenamed ‘Demonic', has been risking the networks of crypto wallets like Metamask, Brave, and Phantom. The threat, that was discovered last year, is now being addressed publicly to make people aware and limit any damage that may be caused to them. If Demonic was to latch on-to a crypto wallet, it could lead to the wallet's hostile takeover. This issue is known to impact those people who access their crypto wallets via unencrypted desktop browsers.

Blockchain security firm Halborn has informed the affected wallet providers about the issue, while suggesting the deployment of a quick security update.

Soon after, Metamask published a blog on Medium informing users that the vulnerability has been fixed.

“Security researchers at Halborn have disclosed an instance where a Secret Recovery Phrase used by web-based wallets like MetaMask could be extracted from the disk of a compromised computer under some conditions. We have since implemented mitigations for these issues, so these should not be problems for users of the MetaMask Extension versions 10.11.3 and later,” the post read.

The Demonic was not just active on Windows and macOS browsers, but was also functional on Linux, Google Chrome, Chromuim, and Firefox browsers.

In its blog Metamask explained that the vulnerability is most likely to affect users who had a device compromised or stolen soon after importing their Secret Recovery Phrase into the servers of their crypto wallet providers.

Phantom, the Solana-based DeFi and NFT wallet also issued a statement acknowledging that Demonic was a potential issue, which the company claims, has now been tackled.

“After some investigation and an official audit, fixes began rolling out in January 2022 and by April, Phantom users became protected from this critical vulnerability. An even more exhaustive patch is rolling out next week that we believe will make Phantom's browser extension the safest from this vulnerability in the industry,” the company wrote in a post.

Halborn recommends people who use crypto wallets via browsers to migrate to a new set of accounts as soon as possible.

“Rotating passwords/keys and the use of a hardware wallet in conjunction with the browser-based wallet can also provide increased security for users. Enabling local disk encryption is another best practice which mitigates this issue,” the security research firm added.

For now, details on how many wallets have been affected by Demonic remains unknown.

So far in 2022, cyber criminals have stolen $1.7 billion (roughly Rs. 13,210 crore) in digital assets with Decentralised Finance (DeFi) protocols accounting for 97 percent of the total, a report by Chainalysis had recently claimed.

The $600 million (roughly Rs. 4,660 crore) Ronin bridge breach in late March and the $320 million (roughly Rs. 2,486 crore) Wormhole attack in February were the main sources of the loot.


Missed Apple's WWDC 2022? We discuss every major announcement on Orbital, the Gadgets 360 podcast. Orbital is available on Spotify, Gaana, JioSaavn, Google Podcasts, Apple Podcasts, Amazon Music and wherever you get your podcasts.
Comments

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel.

Radhika Parashar
Radhika Parashar is a senior correspondent for Gadgets 360. She has been reporting on tech and telecom for the last three years now and will be focussing on writing about all things crypto. Besides this, she is a major sitcom nerd and often replies in Chandler Bing and Michael Scott references. For tips or queries you could reach out to her at RadhikaP@ndtv.com. More
Google Pixel Watch to Be Offered in a Variety of Band Options: Report
Share on Facebook Tweet Snapchat Share Reddit Comment

Advertisement

Advertisement

© Copyright Red Pixels Ventures Limited 2022. All rights reserved.