
Vulnerability found in older versions of MetaMask wallet

  • June 16, 2022

Security researchers at Halborn discovered a vulnerability in most browser wallets, including MetaMask. The issue affects a small percentage of users.

Experts have uncovered a situation where, under certain conditions, the secret recovery phrase used by web wallets can be extracted from the disk of a hacked computer.

The developers fixed the vulnerability in MetaMask Extension 10.11.

However, they warned that users who meet the following conditions may be at risk:

  • the hard drive is not encrypted;
  • the recovery phrase was transferred to someone else’s device or the computer was compromised;
  • the “Show Recovery Password” checkbox was used to display text on the screen (image below).

Data: MetaMask.

The MetaMask team noted that the vulnerability was caused by browsers not seeing physical access attacks as a threat and storing all text inputs in the device’s memory. The risk can only be completely eliminated with full disk encryption.

The developers' other recommendations include clearing the browser cache and running antivirus protection on the computer.

“Neither the wallet nor the software can protect themselves if the system they are working on is compromised,” they said.

Halborn received a $50,000 reward for the disclosure of the vulnerability.

Recall that in June 2022, the MetaMask team launched a bounty program in partnership with the HackerOne platform.


Source: Fork Log
