Firefox is a free and open source web browser developed by Mozilla Foundation. First released in 2002 under the name Phoenix. It's available for most operating systems including Windows, macOS, Linux and most phones and tablets. Metamask is a cryptocurrency wallet which can be used on the Chrome, Firefox and Brave browsers. It’s also a browser extension. This means that it works like a bridge between normal browsers and the Ethereum blockchain. The Ethereum blockchain is a network where users can build their own apps (which are called dApps) and cryptocurrencies. On the whole, MetaMask is an excellent addition to Firefox if you are looking for an easier way to access Ethereum-enabled Dapps, manage your identities and perform transactions. It comes with an. How to open MetaMask extension in a tab in Expand view on Firefox to extract the wallet Vault using a command. In Firefox you may need to have the MetaMask extension opened in 'Expanded view' to be able to open the 'Inspect Element' or Web Inspector, checkout this video and follow the instructions below. Test: firefox e2e on gh action; test: more delay in e2e test; feat: support base32 in api level; fix: missing deps; test: e2e test; fix: show base32 address in sig req; test: more delay in e2e after custom gas; feat: new mainnet endpoint; chore: update caniuse lite; fix: reduce ui.js size; fix: PORTAL-429 can't get trusted token balance; test.
Over the past week, users of the MetaMask cryptocurrency wallet have been losing funds to a phishing scam that lured potential victims through Google search ads.
MetaMask has a community of more than one million users. The site offers an Ethereum cryptocurrency wallet in the browser via a browser extension that lets distributed applications read from the blockchain.
When installing the legitimate extension, you can either import an existing wallet or create a new one along with the secret seed phrase that allows access to the wallet.
MetaMask users find empty wallets
Although it is unclear how many MetaMask users fell for the scam, some say they ended up with empty wallets after clicking on a fraudulent search ad being promoted as the MetaMask site.
The phishing/ad scam is still active, with a new domain constantly being promoted via Google search ads.
On Wednesday, MetaMask alerted its community of the scam and recommended the use of direct links to the legitimate metamask.io URL and to stay away from sponsored ads.
The warning came too late for some users, though, as some users reported losses of tens of thousands of U.S. dollars.
Complaints started pouring in this week, all stories describing the same scenario: the money was gone after trying to install the MetaMask browser extension.
It was determined that the users were going to a fake MetaMask phishing page through Google ads. Once on the page, they are prompted to install the extension, which will give them an option to either import an existing wallet or create a new one.
If they click on the 'Create Wallet' button, they are brought to the real MetaMask.io site as there are no cryptocurrency to steal. However, if they click on the 'Import a wallet' option, they will be asked to enter the key phrase of their existing wallet, which is then sent to the attacker.
As soon as the scammer got the seed phrase, they proceeded to empty the victims’ wallets. In replies to MetaMask’s warning on Twitter, one user said they were robbed of nearly $30,000.
Multiple domains pushed in Google search ads
The scammers purchased Google ads to target users searching for MetaMask in the Google search engine. These ads led to a fraudulent domain impersonating the cryptocurrency service.
They registered multiple domains for the scam, which is currently ongoing, as seen in the screenshot below taken by BleepingComputer:
The domain maskmefa[.]io is currently promoted in search ads when looking for MetaMask on Google. The spelling of the service in the title ad should be a red flag, but most users are likely to miss this (note the Russian 'к' and space before the top-level domain). A whois lookup on Domaintools shows that it was registered only yesterday.
Blockchain forensics company CipherTrace in a post this week mentions three other domains used for the scam:
- maskmeha[.]io
- installmetamask[.]com
- meramaks[.]io
The first two are ten and nine days old, respectively, while the third was registered yesterday. All were registered through the same registrar, NameCheap.
Users landing on the fraudulent sites would have difficulty spotting the fraud because it looks almost identical to the legitimate MetaMask page. Even if they check the domain in the address bar, there is a high chance of falling for the trick.
The only difference between the original MetaMask site and the fake one is unnoticeable for most users (the writing on the button for getting the extension).
Scams and malware attacks increase in frequency during the holiday season when consumers spend more enticed by discounts or special offers and are more easily distracted.
Paying extra attention to download sources reduces the chance of becoming a victim. MetaMask’s advice to access resources from direct, official links (e.g., company accounts on LinkedIn, Twitter, Facebook) and avoiding redirects from third parties (e.g., URLs in messages) is a good way to not fall for a scam.
Metamask Firefox Not Working
Update [12/720]: MetaMask users are being targeted via ads displayed at the top of the results in other search engines. BleepingComputer today captured a screenshot showing fraudulent MetaMask ads in DuckDuckGo when the region filter was active.
Web app hacker Sean Roesner found that the malicious ads were also running on Microsoft Bing and Yahoo, he published screenshots in a tweet today, saying 'Can't trust ANY search providers. They all allow scammers to run malicious ads.'
Isn't just @Google , it's on @DuckDuckGo, @bing and @Yahoo now
Can't trust ANY search providers. They all allow scammers to run malicious ads -_- https://t.co/MFE9zkBV4vpic.twitter.com/enpYfC8Z0y