New Vulnerability Threatens Crypto Wallets: How Hackers Can Steal Your Assets

Updated by Harsh Notariya

In Brief

  • Critical Crypto-MCP flaw could let hackers expose seed phrases or redirect blockchain transactions without user detection.
  • Prompt injection exploits allow attackers to hijack crypto transfers via interfaces like Base-MCP used in DeFi and AI apps.
  • Experts urge users to limit MCP permissions, minimize wallet balances, and use trusted tools like MCP-Scan for safety checks.

Crypto users often focus on user interfaces and pay less attention to the complex internal protocols. Security experts recently raised concerns about a critical vulnerability in Crypto-MCP (Model-Context-Protocol), a protocol for connecting and interacting with blockchains.

This flaw could allow hackers to steal digital assets. They could redirect transactions or expose the seed phrase — the key to accessing a crypto wallet.

How Dangerous is the Crypto-MCP Vulnerability?

Crypto-MCP is a protocol designed to support blockchain tasks. These tasks include querying balances, sending tokens, deploying smart contracts, and interacting with decentralized finance (DeFi) protocols.

Protocols like Base MCP from Base, Solana MCP from Solana, and Thirdweb MCP offer powerful features. These include real-time blockchain data access, automated transaction execution, and multi-chain support. However, the protocol’s complexity and openness also introduce security risks if not properly managed.

Developer Luca Beurer-Kellner first raised the issue in early April. He warned that an MCP-based attack could leak WhatsApp messages via the protocol and bypass WhatsApp’s security.

Following that, Superoo7—head of Data and AI at Chromia—investigated and reported a potential vulnerability in Base-MCP. This issue affects Cursor and Claude, two popular AI platforms. The flaw allows hackers to use “prompt injection” techniques to change the recipient address in crypto transactions.

For example, if a user tries to send 0.001 ETH to a specific address, a hacker can insert malicious code to redirect the funds to their wallet. What’s worse, the user may not notice anything wrong. The interface will still show the original intended transaction details.

“This risk comes from using a ‘poisoned’ MCP. Hackers could trick Base-MCP into sending your crypto to them instead of where you intended. If this happens, you might not notice,” Superoo7 said.

Demonstration of Prompt Injection Via Crypto-MCP. Source: Superoo7

Developer Aaronjmars pointed out an even more serious issue. Wallet seed phrases are often stored unencrypted in the MCP configuration files. If hackers gain access to these files, they can easily steal the seed phrase and fully control the user’s wallet and digital assets.

“MCP is an awesome architecture for interoperability & local-first interactions. But holy shit, current security is not tailored for Web3 needs. We need better proxy architecture for wallets,” Aaronjmars emphasized.

So far, there are no confirmed cases of this vulnerability being exploited to steal crypto assets. However, the potential threat is serious.

According to Superoo7, users should protect themselves by using MCP only from trusted sources, keeping wallet balances minimal, limiting MCP access permissions, and using the MCP-Scan tool to check for security risks.
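
The plaintext seed phrase storage described above can be checked for locally. The following is an added example, not code from the article or from MCP-Scan: it walks a JSON MCP configuration and reports where a value looks like a BIP-39 mnemonic or a raw private key, without echoing the secret. The `mcpServers`/`env` layout, the key names and the sample values are assumptions, and the word-shape heuristic can also flag an ordinary 12-word lowercase string.

```python
import json
import re

# BIP-39 mnemonics are 12, 15, 18, 21 or 24 words, each 3 to 8 lowercase letters.
MNEMONIC_LENGTHS = {12, 15, 18, 21, 24}
WORD_RE = re.compile(r"[a-z]{3,8}")
HEX_KEY_RE = re.compile(r"(0x)?[0-9a-fA-F]{64}")  # 32-byte key in hex

def classify_secret(value):
    """Return 'mnemonic', 'private_key' or None for one config value."""
    if not isinstance(value, str):
        return None
    text = value.strip()
    if HEX_KEY_RE.fullmatch(text):
        return "private_key"
    words = text.split()
    if len(words) in MNEMONIC_LENGTHS and all(WORD_RE.fullmatch(w) for w in words):
        return "mnemonic"
    return None

def scan_mcp_config(config_text):
    """Return (json_path, kind) for each plaintext wallet secret; never the value."""
    findings = []

    def walk(node, path):
        if isinstance(node, dict):
            for key, child in node.items():
                walk(child, f"{path}.{key}")
        elif isinstance(node, list):
            for i, child in enumerate(node):
                walk(child, f"{path}[{i}]")
        else:
            kind = classify_secret(node)
            if kind:
                findings.append((path, kind))

    walk(json.loads(config_text), "$")
    return findings

# Constructed sample: layout and key names are assumptions; the mnemonic is the public test phrase.
SAMPLE_CONFIG = json.dumps({"mcpServers": {"wallet-server": {
    "command": "npx", "args": ["example-wallet-mcp"],
    "env": {"SEED_PHRASE": " ".join(["abandon"] * 11 + ["about"]),
            "RPC_URL": "https://rpc.example.invalid",
            "WALLET_KEY": "0x" + "ab" * 32}}}})

if __name__ == "__main__":
    for path, kind in scan_mcp_config(SAMPLE_CONFIG):
        print(f"{path}: plaintext {kind}")
```

A finding means the value should be moved out of the configuration file and the wallet treated as exposed if the file was readable by other software on the machine.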

Hackers can steal seed phrases in many ways. A report from Security Intelligence at the end of last year revealed that an Android malware called SpyAgent targets seed phrases by stealing screenshots.

Kaspersky also discovered SparkCat malware that extracts seed phrases from images using OCR. Meanwhile, Microsoft warned about StilachiRAT, malware that targets 20 crypto wallet browser extensions on Google Chrome, including MetaMask and Trust Wallet.



Nhat Hoang
Nhat Hoang is a journalist at BeInCrypto who writes about macroeconomic events, crypto market trends, altcoins, and meme coins. With experience tracking and observing the market since 2018, he is able to grasp the stories in the market and express them in an accessible way to new investors. He graduated with a bachelor’s degree in Japanese from Ho Chi Minh City University of Pedagogy.