Each month, MetaMask Security Director Luker reports on the latest crypto attacks and emerging risks that you need to know about.
March 2023 saw the Endo and LavaMoat teams rework their approach to secure bundling—halting a webpack-transform experiment in favor of a webpack loader—while extending global scuttling to child realms and reviving React Native support for MetaMask's mobile app. MetaMask also shared two EthDenver-season talks: co-founder Dan Finlay on Delegatable and security researcher Gal Weizman on JavaScript realms and Snow. The month's clearest lesson, though, was to stay cautious about airdrops: scams surged around the Arbitrum claim, where roughly 2,400 wallets were compromised in advance, scammers exploited a fake MetaMask airdrop snapshot to lure users toward phishing sites, and copycat scams targeted Polkadot, Shiba Inu, and a fake OpenAI token. The full breakdown is below, but first...
Featured STEM pioneer: Faith Lillibridge, operator of Columbia's NORC supercomputer
Faith Lillibridge is pictured at the console of the NORC (Naval Ordnance Research Calculator) on the fifth floor of Columbia University's Watson Scientific Computing Laboratory in 1954. Built by IBM for the US Navy, the NORC was, at its 1954 dedication, the most powerful computer in the world. The operators who ran early machines like it turned room-sized hardware into reliable, repeatable computation—the same disciplined, detail-exact work that still underpins trustworthy systems today.
Endo halts its webpack-transform approach and adds exitModuleImportHook for lavamoat-node
Endo's attempts to plug into webpack transforms without compromising the original import/export statements proved unsuccessful unless webpack was deconstructed and used as a framework for building a bundler. Endo decided to halt that effort and pursue a simpler solution, experimenting instead with a new method in the LavaMoat open-source toolkit. Separately, the latest Endo compartment-mapper update added exitModuleImportHook, which allows dynamic importing of exit modules rather than requiring a pre-built list—the final significant feature needed for compartment-mapper to serve as the backend for lavamoat-node. The Endo SES whitelist also received a minor update for React Native Android JSC in endojs/endo #1511, closing a long-standing issue #660 (more recently tracked in LavaMoat/docs #16) and being examined further in the React Native JSC build scripts issue #181.
LavaMoat tests a webpack loader and extends global scuttling to child realms
LavaMoat began exploring an alternative approach to secure bundling using a webpack loader to implement compartmentalization, adding the runtime later. Because the layers above the loaders stay unchanged, most features such as tree-shaking continue to work; the main risk is that custom plugins may alter the code in unforeseen ways. The scuttling security feature can now be applied to all potential same-origin child realms (such as iframes) by configuring the experimental "scuttleGlobalThis" option together with Snow (progress here). A minor update to the LavaMoat Browserify examples landed in LavaMoat/LavaMoat #476.
LavaMoat revives React Native support for MetaMask's mobile app
React Native support was resurrected, beginning again with Endo SES lockdown integration—originally targeting RN v0.66.5 and now RN v0.71.4—with MetaMask mobile app integration underway. Progress is tracked in the LavaMoat React Native epic.
Dan Finlay presents "Better Dapps with Delegatable" at EthDenver
Dan Finlay made his EthDenver debut in 2023 with a talk on Delegatable, sharing a vision for how delegation can make building decentralized applications safer and easier. As he put it, "There are a lot of people claiming airdrops and then getting all their money taken… Delegatable lets you do anything you can do on a contract to another account. It's got an open-ended caveat system so you can attenuate the ability you're sharing in any way you want. And that can let you keep hot wallets cooler by limiting what they can do while allowing them to still do stuff on chain."
Gal Weizman presents "JS Realms, Security Blank Spot"
Gal Weizman gave a talk on the growing dangers of supply chain attacks tied to dependencies, and how Snow JS can help cover the gaps. Topics included the evolution of the web, the importance of security and visibility, third-party solutions, JavaScript realms, and Snow JS.
Airdrop scams surge as hackers pose as , with a fake MetaMask snapshot used to phish users
Dubious activity around airdrops picked up sharply in March 2023. The previous month, MetaMask published an overview of the dangers of rugpulls and airdrop scams, reminding users that "free money" offers are a common lure for bad actors. That's exactly what played out when scammers pushed a fake claim on social media that MetaMask would take a snapshot or run an airdrop on March 31—a lure designed to funnel users toward phishing sites that steal funds from anyone trying to claim the nonexistent tokens. MetaMask called out the scam and alerted the community on March 29, 2023, warning that the fake claim was "not only false, but … dangerous" precisely because it creates openings for scammers and phishers targeting users' assets. Copycat airdrop scams impersonating Polkadot, Shiba Inu, and a fake OpenAI DeFi (GPT-4) token used the same playbook throughout the month.
Roughly 2,400 wallets targeted ahead of the Arbitrum airdrop
Days before the Arbitrum airdrop, Arkham reported on March 20, 2023 that a hacker had spent the prior 12 hours sending funds to around 2,400 presumably compromised wallets, which then approved the ARB token in anticipation of the claim, from address 0x59d4...fb19. In the aftermath, CoinDesk covered how much can go wrong in its piece "Arbitrum Shows Just How Messy (and Tricky) Crypto Airdrops Can Be."
Cloudflare Global API key exposure warned for web3 teams
MetaMask Security researcher Taylor Monahan (@tayvano_) urged teams using Cloudflare for a web3 product to act immediately on March 24, 2023: rotate the Global API Key for all accounts, and remove any accounts added to Cloudflare unless their Global API Key had already been rotated. The legacy Global API Key carries full account access, making its exposure especially dangerous.
Metaverse "conference" invite used as a social engineering lure
The Trading Uncle (@thetradingunc) documented a social engineering attempt on March 14, 2023 in which an account sent a direct message praising the target's content and inviting them to speak at a "conference" in the metaverse alongside other panelists—an approach designed to lower a target's guard before a scam.
MetaMask's March 2023 Crypto Security Report covered a surge in airdrop scams—including a fake MetaMask snapshot used to phish users—roughly 2,400 wallets compromised ahead of the Arbitrum airdrop, and a Cloudflare Global API key warning for web3 teams. Browse previous editions of the MetaMask Crypto Security Report for more threats, trends, and tips for staying safe across the ecosystem.