MetaMask, Phantom, Brave, and XDefi Wallets Patch ‘Demonic Critical Vulnerability’ Before an Attack

Ruholamin Haqshanas

A number of prominent browser extension wallets, including Ethereum (ETH) wallet MetaMask, Solana (SOL)’s Phantom, Brave, and cross-chain wallet extension XDefi, have patched a “critical vulnerability” that could have exposed sensitive login credentials if specific conditions were met.

The wallet providers claim the vulnerability has not been exploited by attackers, meaning no user funds were stolen using this attack vector.

In a blog post, MetaMask detailed that the issue did not impact MetaMask Mobile users and only affected “a small segment of MetaMask Extension users as well as users of other browser/extension wallets.”

The popular Ethereum wallet said that they have since implemented updates to solve the issue, claiming that it does not affect users of the MetaMask Extension versions 10.11.3 and later. MetaMask added that users need to worry only if all of the following conditions are met:

  • their hard drive was not encrypted;
  • they imported their Secret Recovery Phrase into a MetaMask extension on a device that is in possession of someone they do not trust, or their computer is compromised;
  • they used the “Show Secret Recovery Phrase” checkbox to view their Secret Recovery Phrase on-screen during the import process.

“If your computer is not physically secure from people you do not trust, we recommend you enable full disk encryption on your system,” MetaMask said. “Additionally, you are not affected by this if your funds are managed by a hardware wallet.”

Solana’s Phantom, a self-custodial wallet for decentralized finance (DeFi), also confirmed they were affected by the issue, saying they were first notified about the vulnerability in September 2021.

“After some investigation and an official audit, fixes began rolling out in January 2022 and by April, Phantom users became protected from this critical vulnerability,” Phantom claimed, adding that they will release “an even more exhaustive patch” next week.

The security vulnerability was discovered and reported to all affected wallet browsers by blockchain security firm Halborn. “We disclosed a critical vulnerability affecting MetaMask, Phantom, Brave, and XDefi, and other browser based crypto wallets,” the company said in a Twitter thread.

Halborn said they discovered the “Demonic” vulnerability back in May 2021 and provided assistance to all affected browsers with the help of MetaMask.

The blockchain company has also received a USD 50,000 bounty from MetaMask for the discovery, which “was the largest security-related payout that MetaMask had ever made at the time,” Halborn said.

The incident is yet another reminder that internet-connected hot wallets are subject to security vulnerabilities. Users can consider hardware wallets for better security.
