![wallet.jpg](https://cdn.steemitimages.com/DQmPFh7PfWX95d7PByetVGg7svQD78bv7jjYrdzHxQ7fKbH/wallet.jpg)
MetaMask just announced its update on 07/27/22. This update is critical because it will prevent "Wallet Drainer".



![T1 (2).PNG](https://cdn.steemitimages.com/DQme48JEBmtBHXBqygbMsVcae3QdZE54ovkDRsmog9omA8k/T1%20(2).PNG)


https://twitter.com/wallet_guard/status/1552329047836966915

### What is Wallet Drainer

Wallet Drainer is a way to attack the wallet that, through the smart contract and links NFT project with other wallets without admitting approval from the individual signature required to each wallet.


![T2 (2).PNG](https://cdn.steemitimages.com/DQmeeL81KcRFREWcHHcTPgPcWqNsFmuGWt9Bd7siLUwKGAc/T2%20(2).PNG)


https://twitter.com/TheOnlyNom/status/1552521385796423680

How the Wallet Drainer works are following:

- fake NFT page with an artificial countdown to create urgency
- victim connects wallet
- the program will check valuable of NFTs
- victim active the signature to transaction(s) to transfer ownership of NFTs
- program fake the "mint" and transaction will not interact with the smart contract
- the process repetitive
- Here is how technically the program works and comprehensively addresses the potential impact of this attack.

<iframe width="560" height="315" src="https://www.youtube.com/embed/557VCDJG1mk" title="YouTube video player" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture" allowfullscreen></iframe>

### How MetaMask prevents such attack

<iframe width="560" height="315" src="https://www.youtube.com/embed/P_7hpr5GSrw" title="YouTube video player" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture" allowfullscreen></iframe>

With an extra step to allow the wallet to get permission for all transactions, the user has a way to stop a bundle of transactions at once without permission allow from the user side.


![t1.png](https://cdn.steemitimages.com/DQmdseZs6BCnoTMUHPb4eEQyNGPzbEJHq7CRyV5brVDqvy6/t1.png)
![t2.png](https://cdn.steemitimages.com/DQmdRtV19GwvLodtA3ytHW5m3jg1AedZAYoxGoCRBTBCe7V/t2.png)

%[https://github.com/MetaMask/metamask-extension/pull/15010]

You may think that is no a big deal but it saves a lot of NFTs project to prevent attacking users valuable assets.

### How to prevent the attack


%[https://dappradar.com/blog/how-to-prevent-scammers-from-draining-your-wallet]

- Never click on links from unidentified sources.
- Never click Google Ads for crypto services, instead go to the official website yourself.
- Always use Two-Factor Authentication (2FA) when possible. Google Authenticator is free to use, so use it.

Also, double-check the website before connecting your wallet to the suspective website.

![bmc.jpg](https://images.hive.blog/DQmbd55yRTLCr33xCTgV3EVagNsSHstoLSHXfWrFvHUyZJE/bmc.jpg)

If you want to support my writing, buy me a coffee [here](https://www.buymeacoffee.com/xuanling1111).

Photo by [Markus Spiske](https://unsplash.com/@webtechsmart?utm_source=unsplash&utm_medium=referral&utm_content=creditCopyText) on [Unsplash](https://unsplash.com/s/photos/shopping?utm_source=unsplash&utm_medium=referral&utm_content=creditCopyText)

![Hive divider.gif](https://cdn.steemitimages.com/DQmZgGvu6YXrMNyDb4wVURLV14WNNSYs58R1kY64HNMSmCL/Hive%20divider.gif)

*Note: Cross-references of this article have been created by the author and have been cross-referenced on multiple platforms [here](https://linktr.ee/xuanling11). Please reference the resources and credits [here](https://www.xuanling11.com/). Reach out to the authors if you have any questions.*




Posted Using [LeoFinance <sup>Beta</sup>](https://leofinance.io/@xuanling11/metamask-ethereum-wallet-update-to-prevent-scams)