MetaMask Ethereum Wallet update to prevent scams

xuanling11
Coinmonks
Published in
2 min readJul 28, 2022

--

Photo by Georgi Dyulgerov on Unsplash

MetaMask just announced its update on 07/27/22. This update is critical because it will prevent “Wallet Drainer”.

What is Wallet Drainer

Wallet Drainer is a way to attack the wallet that, through the smart contract and links NFT project with other wallets without admitting approval from the individual signature required to each wallet.

How the Wallet Drainer works are following:

  • fake NFT page with an artificial countdown to create urgency
  • victim connects wallet
  • the program will check valuable of NFTs
  • victim active the signature to transaction(s) to transfer ownership of NFTs
  • program fake the “mint” and transaction will not interact with the smart contract
  • the process repetitive

Here is how technically the program works and comprehensively addresses the potential impact of this attack.

How MetaMask prevents such attack

With an extra step to allow the wallet to get permission for all transactions, the user has a way to stop a bundle of transactions at once without permission allow…

--

--