Metamask has been the first browser in the list of Ethereum browsers that recently started to inject Web3 into its system – mainly after a recently-uncovered privacy issue that triggered additional security for the wallets within the Ethereum ecosystem.
The news was first published by Paul Bouchon in a Medium blog post.
As a popular Ethereum wallet and dApp browser, Metamask lets users visit the distributed web and navigate the dApp towards the blockchain, as well as help in accessing user account addresses and proposing transactions.
However, the recent privacy exposure showed that malicious sites can scan the injected objects and track Ethereum users even with the extension being locked. This attack is known as “fingerprinting” in the crypto scams verbiage – and a method which makes users vulnerable to a variety of attacks.
Aside from this practice, many users have been victims of phishing campaigns which mimic the browser interface and trigger them to enter their user and password. Once the extension unlocks, the players can also see the victim’s Ethereum address from which they can gain access to all of his private information (transaction history, balance and other information).
The dApp browsers such as MetaMask, imToken, Status and Mist will all require new updates to their existing dApps so that this new privacy measure is properly addressed. Users, on the other hand, will start seeing more “login” buttons on dApps and will be able to deny blockchain access for the websites that they consider untrustworthy.
DC Forecasts is a leader in many crypto news categories, striving for the highest journalistic standards and abiding by a strict set of editorial policies. If you are interested to offer your expertise or contribute to our news website, feel free to contact us at [email protected]
Discussion about this post