ConsenSys says North Korean hacker worked inside MetaMask codebase for about a month

AI Market Summary
ConsenSys disclosed a North Korean actor infiltrated the MetaMask development team for about a month and contributed code, highlighting elevated supply-chain and insider-risk across crypto infrastructure. Although the firm reports no malicious code deployed and no user funds or data impacted, the incident underscores attack surface in developer environments and contractor vetting. Near-term, it can raise security risk premia for Ethereum wallet and DeFi activity.
Impact level
● Medium
Affected assets
ETH/USDT+1.44%
AI Insight · ETH/USDTAI Insight
● Neutral
Trade now
⚠️ AI-generated insights are based on news content and are provided for informational purposes only. They do not constitute investment advice or represent the views of BingX. Investing involves risk. Please trade responsibly.
BlockBeats reported that on July 19, ConsenSys, the developer of MetaMask, said it had uncovered a North Korean hacker who gained access to the MetaMask team using a false identity and worked for roughly one month, contributing to core wallet code. ConsenSys said the individual used the name \u0022Tyler Knapp\u0022 and joined as a contractor in an advisory capacity. The person operated under the GitHub handle imyugioh, with commits dated from March 9 through April, including code tied to transfers between crypto assets and fiat currencies. After identifying the risk, ConsenSys said it immediately revoked the contractor\u0027s access, told employees to pause product releases and avoid contact, and reported the matter to law enforcement. General Counsel Matt Corva said the investigation found no theft of assets or data, no malicious code deployed, and no impact on user funds or security. The company is reviewing its contractor background-check process. TRM Labs said developer work environments have become a key avenue for attackers seeking access to crypto firms\u0027 keys and withdrawal-approval systems. It added that an Ethereum-funded initiative previously identified 100 suspected North Korean IT workers across 53 crypto projects.