ReportWire

Tag: Metamask

  • MetaMask Launches Staking Nodes on Behalf of Users, Albeit at a Steep Price

    MetaMask Launches Staking Nodes on Behalf of Users, Albeit at a Steep Price

    [ad_1]

    Metamask launched Validator Staking support on its wallets as of January 18.

    Users who wish to stake their tokens will need to have at least 32 ETH in their wallets to do so, which is the minimum requirement of the Ethereum network itself.

    Easy to Use

    The users’ tokens will then be staked by Consensys, who, admittedly, have a stellar reputation when it comes to uptime.

    When a validator breaches consensus rules, it is slashed from the network and loses some of the funds set as collateral. With over $2 billion worth of ETH staked across tens of thousands of nodes, Consensys reportedly has never had any of its validators slashed.

    MetaMask wallet owners only need to check the boxes, and they’re on track to own staking rewards. So what are the downsides? The price, for starters.

    The Price of Not Being Tech Savvy

    Although the minimum staking requirement of 32 ETH is not something imposed by MetaMask, the barrier to entry is still quite high because of it. In order to allow more people to participate, Lido, one of the biggest staking networks, allows you to pool your Ether with others – although the rewards for doing so are, understandably, proportional to the amount you staked, leading to lower rewards.

    “With Lido, you don’t need 32 ETH to start staking. Lido will pool your ETH with funds provided by other users until the pool reaches 32 ETH. Lido will then set up a validator node by depositing the ETH into Ethereum’s staking contract and proportionally share staking rewards with you.”

    Although MetaMask also allows for pooled staking, validator nodes are still off-limits without the standard amount of collateral.

    In exchange for its services, MetaMask charges a 10% commission on rewards, currently worth about 4% of the staked amount over the course of the year. This brings a potential payout of not much more than what Lido would offer.

    Another user-friendly staking option is offered by Coinbase, who unfortunately charge a commission of 25%.

    Although MetaMask’s product is straightforward, easy to use, and helpful for newcomers to the ecosystem, someone serious about staking would probably be better off purchasing their own hardware, learning about the practice, and setting up their very own validator node.

    SPECIAL OFFER (Sponsored)

    Binance Free $100 (Exclusive): Use this link to register and receive $100 free and 10% off fees on Binance Futures first month (terms).

    [ad_2]

    Cristian Lipciuc

    Source link

  • Blockchain Developer’s MetaMask Wallet Emptied in Deceptive Job Interview

    Blockchain Developer’s MetaMask Wallet Emptied in Deceptive Job Interview

    [ad_1]

    A blockchain developer, Murat Çeliktepe, has shared a distressing incident recounting a holiday experience that resulted in the loss of $500 from his MetaMask Wallet to an individual posing as a ‘recruiter.’

    Notably, Çeliktepe was initially contacted on LinkedIn under the pretense of a genuine web development job opportunity.

    Developer Falls Prey to Coding Job Scam

    During the purported job interview, the recruiter instructed Çeliktepe to download and debug the code from two npm packages, namely “web3_nextjs” and “web3_nextjs_backend,” both hosted on a GitHub repository.

    Unfortunately, shortly after complying with the instructions, the developer discovered that his MetaMask wallet had been depleted, exceeding $500 fraudulently withdrawn from his account.

    The Upwork job listing requests applicants to “fix bugs and responsiveness [sic] on website” and claims to offer an hourly payment between $15 and $20 for a task expected to be completed in less than a month.

    Intrigued by the opportunity, Çeliktepe, who prominently displays an “#OpenToWork” tag on his LinkedIn profile picture, decided to take on the challenge. He downloaded the GitHub repositories the recruiter provided as part of the “tech interview.”

    Engaging in technical interviews often involves take-home exercises or proof-of-concept (PoC) assignments, including tasks such as code writing or debugging. This makes the offer particularly convincing, even for individuals with technical expertise, such as developers.

    It’s worth noting that the applications found in the mentioned GitHub repositories [1, 2] are valid npm projects, as evidenced by their format and the presence of the package.json manifest. However, these projects do not seem to have been published on npmjs.com, the largest open-source registry for JavaScript projects.

    Community Steps Up to Unravel Attack’s Mystery

    After sharing his unfortunate experience on social media, Çeliktepe reached out to the community for assistance in understanding the mechanics of the attack. Despite scrutinizing the code within the GitHub repositories, he remains uncertain about the method used to breach his MetaMask wallet as he did not store his wallet recovery phrase on his machine.

    In response to Çeliktepe’s plea for help, the community rallied with genuine support and opportunistic crypto bots offering assistance. Unfortunately, scam accounts also emerged, enticing him to connect with fraudulent “MetaMask support” Gmail addresses and Google forms.

    Insights from the community suggest that the npm projects executed by Çeliktepe might have allowed the attacker to deploy a reverse shell, potentially exposing vulnerabilities on the developer’s machine.

    Other theories proposed by community members include the possibility that, instead of infecting the developer’s machine with malware, the illicit npm project might have copied passwords from a web browser with auto-fill enabled.

    Additionally, some speculate that the code voluntarily run during the “tech interview” might have intercepted his network traffic, contributing to the security breach.

    SPECIAL OFFER (Sponsored)

    Binance Free $100 (Exclusive): Use this link to register and receive $100 free and 10% off fees on Binance Futures first month (terms).

    [ad_2]

    Wayne Jones

    Source link

  • Scam recruiters target blockchain devs on Upwork, steal crypto with npm packages

    Scam recruiters target blockchain devs on Upwork, steal crypto with npm packages

    [ad_1]

    A blockchain developer fell victim to a crypto scam after responding to a seemingly legitimate Upwork job.

    Bad actors have turned to Upwork in an effort to lure blockchain developers into downloading malicious software, enabling them to drain cryptocurrencies from non-custodial wallets. As per a BleepingComputer report, scam recruiters are instructing victims via LinkedIn to download and debug code from two malicious npm packages, hosted on a GitHub repository.

    One of the malicious npm packages on GitHub | Source: BleepingComputer

    Once developers execute the packages, a malicious script gains access to their devices. In an interview with BleepingComputer, Antalya-based blockchain developer Murat Çeliktepe revealed losing over $500 from his MetaMask wallet in crypto after opening the npm packages, providing scammers with remote access to his device.

    The incident extends beyond Çeliktepe, as the report notes other developers reporting similar encounters with the same recruiters on LinkedIn, highlighting the prevalence of scams targeting blockchain developers.

    Scammers seem to continue targeting blockchain developers through job platforms like LinkedIn and Upwork, showcasing a persistent strategy. In an incident in 2022, North Korea-affiliated hackers managed to pilfer $600 million from the Axie Infinity blockchain game by sending a fake job offer in a malicious PDF file via LinkedIn to an engineer from Sky Mavis, a company behind the web3 game.


    Follow Us on Google News

    [ad_2]

    Denis Omelchenko

    Source link

  • MetaMask expands global reach with new partnerships in six countries

    MetaMask expands global reach with new partnerships in six countries

    [ad_1]

    MetaMask broadens its global presence with key partnerships in Vietnam, the Philippines, Indonesia, Thailand, Egypt, and Chile.

    In a Dec. 8 post on X, MetaMask, a well-known software cryptocurrency wallet, unveiled new partnerships in Vietnam, the Philippines, Indonesia, Thailand, Egypt, and Chile.

    As stated in the announcement, MetaMask is working with VietQR and Mobile Money in Vietnam, GCash in the Philippines, QRIS in Indonesia, Thai QR in Thailand, Vodafone Cash in Egypt, and Webpay in Chile. These collaborations empower users with localized options. 

    MetaMask has also extended its reach to Vietnam, Malaysia, Japan, and South Korea, offering additional support for local transfers through strategic alliances with Unlimit, a borderless payment solution, and TransFi.

    The Buy aggregator feature is said to be accessible across various MetaMask platforms, including the mobile app and browser extension, and directly within the MetaMask Portfolio.

    Alongside growth announcements, MetaMask recently encountered transaction issues for mobile users on v7.9.0.

    Following the bug fix on Nov. 15, MetaMask recommended mobile users promptly update their apps to the latest version, 7.10.0, as a precaution. The wallet provider specified that the issue with the previous version had impacted a limited number of users in a posting on Nov. 14.


    Follow Us on Google News

    [ad_2]

    Sarah Jansen

    Source link