Phishing Scam Uses Fake 2FA Alerts to Steal MetaMask Recovery Phrases

Published at 2026-01-05 07:45:06

Security researchers have identified a new phishing campaign targeting MetaMask users that fabricates a two-factor authentication (2FA) process to extract wallet recovery phrases. Attackers deploy cloned login pages, in-extension pop-ups and email lures that mimic legitimate 2FA prompts, then pressure victims to paste their seed phrase as a “verification” step. The social-engineering is described as unusually polished, making even cautious users more likely to fall for the ruse.

This matters because anyone who shares a recovery phrase gives attackers full control of their wallet and funds. Users should remember that legitimate wallets will never ask for seed phrases as a 2FA step, and should verify URLs, update extensions, and prefer hardware wallets for large holdings. Report suspicious pages and links to MetaMask and relevant platforms, and transfer at-risk funds to a secure wallet immediately if you suspect compromise.

SecurityPhishingMetaMaskCryptoTwo-Factor
Share on:

Related news

Russia to Ban Cash-for-Crypto Trades, Require Bank-Mediated Transactions

Russia will prohibit cash-for-crypto transactions and require trades to go through cashless, bank-mediated channels, a senior central bank official said. The measure is meant to increase oversight of crypto-related flows and clamp down on informal peer-to-peer markets.

CryptoCentral BankRussiaRegulationComplianceBanking
Published at 2026-04-10 11:30:09
Aethir Stops Bridge Exploit, Vows Compensation After Under $90K Loss

Aethir says it halted a bridge exploit on its Ethereum-linked contracts, keeping losses below $90,000. Security firm PeckShield had earlier estimated the damage at about $400,000; Aethir pledged to compensate affected users.

BridgeEthereumSecurityPeckShieldAethirATH
Published at 2026-04-10 11:15:12
SEC Seeks Feedback on Listing Options for Grayscale Multi-Asset Crypto ETF

The SEC is evaluating a proposal to list options on a Grayscale multi-asset crypto ETF and has asked for additional public comment as it assesses risks tied to crypto-related derivatives. Regulators want input on market structure, surveillance, and investor protections.

SECGrayscaleETFDerivativesCryptoOptions
Published at 2026-04-09 23:00:17
CZ Says Rival Exchanges Spent Millions to Block His Pardon and Binance U.S. Return

Binance CEO Changpeng Zhao alleges U.S. crypto exchanges funded multi-million dollar lobbying to block a pardon from former President Donald Trump and keep Binance out of the U.S. market. The claim has not been independently verified.

BinancePardonUS MarketCZLobbyingCrypto
Published at 2026-04-09 21:32:58
Major Android Flaw Exposed Millions of Crypto Wallets to Hackers

Microsoft Defender researchers say a critical bug in a widely used third-party Android SDK may have exposed tens of millions of cryptocurrency wallets to potential data theft. Users and developers are urged to update apps and apply patches immediately.

SecurityCryptoAndroidWalletsMicrosoft Defender
Published at 2026-04-09 20:46:23

DeFi

All DeFi posts

Bitcoin

All Bitcoin posts

Derivatives

All Derivatives posts

On-Chain

All On-Chain posts

Zcash

All Zcash posts