Crypto Security Report: March 2026

Post-quantum threats mapped by Google and the Ethereum Foundation, AI-driven credential theft campaigns, a fake news scam ring exposed by ZachXBT, and more.


Each month, MetaMask security guru Luker reports on the latest crypto security risks and emerging threats that you need to know about. Dive into the action below. But first...

American computer scientist and cryptographer Phil Zimmermann created the most widely used email encryption software in the world, Pretty Good Privacy (PGP), which has an open source implementation as well as a commercial one.


MetaMask and CoinFello launch security framework for AI agent smart contract interactions

We teamed up with CoinFello to launch an Openclaw skill that makes interactions between agents and smart contracts more secure. As CoinFello CEO Brett Cleary shares, "The CoinFello Skill introduces hardware-isolated keys and fine-grained delegations, giving AI agents a secure way to execute transactions while helping bootstrap onchain capabilities for the broader agent ecosystem." We're excited for the future of where permissioned frameworks and MetaMask Smart Accounts will go!

MetaMask contributes to NIST AI agent security standards

The US Center for AI Standards and Innovation (CAISI), part of the National Institute of Standards and Technology (NIST), issued a request for information (RFI) “seeking insights from industry, academia, and the security community regarding the secure development and deployment of AI agent systems” and the fox answered the call! MetaMask’s parent company, Consensys, filed a comment letter informed by our very own Marco De Rossi, Product Director and AI Lead for MetaMask.

The letter draws on De Rossi’s work co-authoring ERC-8004, an open standard for agent identity and trust that has grown to over 49,000 registered agents since its August 2025 proposal. It urges NIST to distinguish between “agents with unrestricted key custody, and agents operating through revocable, policy-bounded delegations,” and stresses the importance of considering input from the open-source and decentralized technology communities. Read more about it on the Consensys blog.

Security community highlights: SEAL darkMode at ETHDenver and ZachXBT's scam ring discovery

Yours truly was fortunate enough to join the inaugural darkMode event, and it was the highlight of my ETHDenver experience. If you’ve had some FOMO about it, the Security Alliance’s blog, Radar, has a recap of some of the standout talks. MetaMask is especially excited for the premiere screening of Chain Patrol and security researcher @dobsec's documentary, called Lights in Dark Rooms, which was teased in Denver. The documentary exposes the chilling realities behind pig butchering operations, and will debut at EthCC.

ZachXBT exposes fake news scam ring on X

Security researcher ZachXBT has discovered a network of X accounts that impersonate influencers and post inflammatory and embellished representations of events related to war and geopolitics. After baiting clicks, the threads turn to promos for crypto scams. This drew renewed scrutiny to the social media platform despite its recent efforts to deter bot activity and malicious AI use with threats of suspension. Zach argued that bans and legal repercussions would be more fitting.

Post-quantum computing risks to Bitcoin, Ethereum, and Solana

The implications that quantum computing will have on the internet as we know it have long been theorized—going back to at least 1981—including its potential to break encryption and put private information at risk. (Check out NIST's publication for more background on the topic.)

Google Quantum AI, Ethereum Foundation, and the 2029 timeline

Quantum computing raises concerns for both web2 and web3. While Google and IBM have both set 2029 deadlines to address the looming threat, Bitcoin and Ethereum contributors are working on their own internal deadlines for addressing quantum computing risks, in alignment with web2. The Ethereum Foundation (EF) in particular has created a dedicated post-quantum team.

On March 29, 2026, the Google Quantum AI team published a whitepaper co-authored by EF researcher Justin Drake and Stanford cryptographer Dan Boneh that mapped some of the ways a quantum computer could attack Bitcoin, Ethereum, Solana, and other networks. While the findings are not an automatic death sentence to the cryptocurrency world, the paper reinforces the urgent timeline to address risks.

Harvest now, decrypt later: the threat to distributed ledgers

One piece of the puzzle is the "Harvest Now Decrypt Later" threat to distributed ledgers (e.g., blockchains), which malicious actors are already using and which the US Federal Reserve detailed in September 2025. This, coupled with future threats to digital signatures, has sparked heightened concern across the industry.

South Korea tax authority exposes wallet seed phrases in public photo

They say a picture’s worth a thousand words, but thieves didn’t need that many when the recovery phrases for wallets were exposed in a publicly shared photo. The funds in question were seized during raids on 124 high-value tax evaders. When the government organization celebrated by sharing the photo, it did not realize it contained sensitive information.

This follows a similar incident that occurred in 2021, when Seoul's Gangnam police lost 22 BTC after leaving funds and a seed phrase with a third-party custodian.

TRM Labs deploys AI agents to track illicit crypto transactions

Blockchain analytics firm TRM Labs has introduced an AI agent tool designed to help law enforcement investigate illicit cryptocurrency transactions. The tool is embedded in TRM's Forensics service and translates plain-language prompts into complex investigative actions, which the firm hopes will help investigators trace fund flows without highly technical inputs.

The timing is notable. TRM data shows illicit crypto volume hit $158 billion in 2025, and AI-enabled fraud and scams have surged 500% as bad actors leverage automation, deepfakes, and AI-driven tools to scale operations faster than ever before. "The caseload is growing faster than the workforce, and investigators are being asked to operate across dozens of blockchains, jurisdictions, and typologies simultaneously," said Ari Redbord, head of legal and government affairs at TRM. This tool is meant to help close that gap.

Credential-stealing campaigns targeting crypto wallets in March 2026

Several reports have emerged detailing scams where credentials were targeted, often putting crypto at risk. Here’s a roundup of recent discoveries by security researchers:

How to protect against credential theft

  • Be skeptical of unsolicited messages, as AI-driven scams now use deepfakes and automation to appear more legitimate

  • Verify identities through multiple channels

  • Ensure all devices are running the most up-to-date operating systems at all times

  • Avoid clicking links on unfamiliar websites, especially those related to financial or crypto services. Hidden iFrames are known to deliver exploits

  • Understand that password managers (LastPass, 1Password, Bitwarden, etc.) and 2FA tools (Google Authenticator, Authy, etc.) can also be targets; a single infection can compromise multiple layers of security

  • Avoid storing sensitive files (seed phrases, recovery codes, account backups) on your Desktop or Documents folders; these locations are specifically scanned by the malware

LLM and AI agent security risks for crypto users

The rapid advancement of large language models (LLMs) and AI agent frameworks has brought genuine benefits, but they've also introduced a range of security and privacy challenges that we can’t ignore. Like any other tool, these can be wielded for good and evil. Here’s another roundup for you:

How to protect against AI-driven threats

  • If you’re concerned about anonymity, regularly delete old posts and rotate identities and accounts

  • Avoid ad links and go directly to official project websites

  • Be wary of airdrops and token giveaways

  • Review extension permissions, remove unnecessary extensions, and make sure extensions are updated

  • Never expose AI agent frameworks (like Langflow) directly to the internet

  • Rotate API keys and credentials if suspicious activity is detected

  • Use traditional allow lists and deny lists for critical security decisions instead of relying on LLM assessment
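
The last tip above, as an added example that is not MetaMask's or any project's own code: a deterministic, fail-closed gate for agent-proposed transactions that checks a deny list, an allow list of contract and function selector, and a value cap, while the LLM's verdict is carried along but never consulted. The addresses, the cap and the `ProposedTx` shape are constructed assumptions; the two selectors are the standard ERC-20 `transfer` and `approve` selectors.

```python
import re
from dataclasses import dataclass

# Constructed placeholder values for illustration; not real contracts or limits.
TOKEN = "0x" + "ab" * 20            # hypothetical token contract the agent may use
KNOWN_BAD = "0x" + "de" * 20        # hypothetical deny-listed address
TRANSFER, APPROVE = "0xa9059cbb", "0x095ea7b3"  # standard ERC-20 selectors

DENY_TARGETS = {KNOWN_BAD}
ALLOW = {TOKEN: {TRANSFER}}         # target -> permitted function selectors
MAX_VALUE_WEI = 10**17              # assumed per-transaction cap (0.1 ETH)

@dataclass(frozen=True)
class ProposedTx:
    to: str
    data: str
    value_wei: int
    llm_verdict: str                # advisory only; authorize() never reads it

def authorize(tx: ProposedTx) -> tuple[bool, str]:
    """Fail-closed check: anything not explicitly allowed is refused."""
    to = tx.to.strip().lower()      # EIP-55 mixed case compares equal after lowering
    if not re.fullmatch(r"0x[0-9a-f]{40}", to):
        return False, "malformed-address"
    if to in DENY_TARGETS:          # deny list wins over any allow entry
        return False, "deny-listed"
    selectors = ALLOW.get(to)
    if selectors is None:
        return False, "target-not-allow-listed"
    if tx.data[:10].lower() not in selectors:
        return False, "selector-not-allow-listed"
    if not 0 <= tx.value_wei <= MAX_VALUE_WEI:
        return False, "value-over-cap"
    return True, "ok"

if __name__ == "__main__":
    args = "00" * 64                # constructed calldata arguments
    samples = [
        ProposedTx(TOKEN.upper().replace("0X", "0x"), TRANSFER + args, 0, "safe"),
        ProposedTx(TOKEN, APPROVE + args, 0, "safe"),   # LLM was talked into "safe"
        ProposedTx(KNOWN_BAD, TRANSFER + args, 0, "safe"),
        ProposedTx(TOKEN, TRANSFER + args, 10**18, "safe"),
    ]
    for tx in samples:
        print(authorize(tx), tx.to[:10], tx.data[:10])
```

Every sample carries an LLM verdict of "safe", yet only the first is authorized; the refusal reason is suitable for logging and alerting.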


This March 2026 report covered post-quantum risks to Bitcoin and Ethereum, AI-driven credential theft campaigns, and emerging security frameworks for agentic smart contract interactions. Browse previous editions of the MetaMask crypto security report for earlier risks, and additional tips for staying safe across the ecosystem.

  • Luker

      Jen Luker, known by most as just Luker, is the Director of Product Security at Consensys, where she leads the frontline defenders who protect millions of users from vulnerabilities, emerging threats, and malicious actors across decentralized tech. An active participant in the Ethereum ecosystem since 2017, she has held key roles including Editor at ETHNews and Project Manager at MyCrypto. Luker is a regular speaker at industry conferences, the author of MetaMask's monthly Crypto Security Report, and an official ETH Security Badge holder as designated by The DAO. She's also a passionate advocate for continuous education and security awareness as essential pillars for the future of Ethereum and blockchain technology.
