The Security Research Team at Halborn has discovered a critical vulnerability affecting many major cryptocurrency wallets. Wallets that were affected include MetaMask, Brave, Phantom, and xDefi, who have remediated the issue. 

Under the right conditions, the vulnerability – which we code-named “Demonic” – can expose a crypto wallet user’s secret recovery phrase which can in turn be used to reconstruct their private key, allowing attackers to access billions of dollars worth of cryptocurrencies and NFTs held in browser extension wallets.

You can view the full technical details and remediation recommendations on the Demonic Vulnerability announcement page. Refer to the MetaMask Blog Post and Phantom Blog Post for more useful information from their teams.

Due to the severity of the vulnerability and the number of impacted users, technical details were kept confidential until a good faith effort could be made to contact affected wallet providers.  

Now that the wallet providers have had the opportunity to remediate the issue and migrate their users to secure recovery phrases, Halborn is providing in-depth details to raise awareness of the vulnerability and help prevent similar ones in the future.

How does it work?

Browser extension cryptocurrency wallets that use an input field for a BIP39 mnemonic can cause the secret recovery phrase to be stored on-disk in plain text where an attacker that has physical or logical access to the device can retrieve it and gain access to the wallet.

Who is affected? What should they do?

Users: Users who have imported their browser based crypto wallet using a secret recovery phrase may be impacted. 

The risk is present if all of the following conditions were met:

  • The hard drive was unencrypted
  • The Secret Recovery Phrase was imported into a browser extension wallet using a device that is no longer in the user’s possession or is logically compromised
  • The user used the “Show Secret Recovery Phrase” checkbox to view the seed phrase on-screen during import

It is recommended that users who believe they may be affected migrate to a new set of accounts. MetaMask has prepared instructions on how to migrate for their users. 

Rotating passwords/keys and the use of a hardware wallet in conjunction with the browser based wallet can also provide increased security for users. Enabling local disk encryption is another best practice which mitigates this issue.

Desktop application cryptocurrency wallets and web based wallets may be prone to similar issues but due to the disparity of offerings we have not investigated that in depth.

Wallet Providers: Wallet Providers who believe they may still be susceptible to the vulnerability are strongly encouraged to follow the mitigation suggestions outlined on the Demonic Vulnerability Disclosure page.

Have concerns, want to learn more, or have a bug you’d like to disclose? Please reach out to us at disclosures@halborn.com.

Halborn is hiring! If you’re someone who can help make our products and this industry more secure, consider joining our team.

Halborn Discovers Critical Vulnerability Affecting Crypto Wallet Browser Extensions
Rob Behnke
06.15.2022