MetaMask's developer says North Korean hacker worked on wallet code for about a month using a fake identity
AI Market Summary
ConsenSys disclosed that a North Korean actor joined the MetaMask team under a false identity for about a month and contributed to core wallet code, highlighting persistent supply-chain and insider-risk vectors in crypto software development. Although the firm reports no compromised data, funds, or deployed malicious code, the incident may raise near-term security scrutiny across Ethereum wallet infrastructure and increase operational friction via tighter contractor vetting and release controls.
Impact level
● Medium
Affected assets
ETH/USDT+1.44%
AI Insight · ETH/USDTAI Insight
▼ Bearish
Trade now
⚠️ AI-generated insights are based on news content and are provided for informational purposes only. They do not constitute investment advice or represent the views of BingX. Investing involves risk. Please trade responsibly.
ConsenSys, the company behind MetaMask, said it uncovered that a North Korean hacker had entered the MetaMask team under a false identity and worked for roughly one month, contributing to development of core wallet code.
According to ME News, the individual used the name "Tyler Knapp" and joined as a contractor in an advisory capacity. The person operated under the GitHub handle imyugioh, with commits recorded from March 9 through April. Some of the submitted code related to transfers between crypto assets and fiat currencies.
After flagging the risk, ConsenSys revoked the contractor's access, told employees to pause product releases and avoid any contact with the individual, and reported the matter to law enforcement. General Counsel Matt Corva said internal investigations found no compromise of assets or data, no malicious code shipped, and no impact on user funds or security.
ConsenSys is reviewing its contractor background-check procedures. TRM Labs said developer work environments have become a key entry point for attackers attempting to obtain encryption keys and withdrawal approval systems at crypto firms. Earlier, an Ethereum-funded initiative identified 100 suspected North Korean IT workers across 53 crypto projects. (Source: BlockBeats)