Ethereum Dev Addresses Smart Contract Wallet Sensitivity towards Phishing Attacks
New technology is never without its vulnerabilities, and to think otherwise would prove to be an unmindful optimism. Because of this, the Ethereum foundation is constantly checking their work and coming up with fixes for bugs they may find, or any potential threats. Recently, they discovered that older versions of their wallets are vulnerable to phishing attacks so they quickly came together to find a solution for their users. There hasn’t been any phishing attack cases that they know of yet, but of course, the team would like to avoid that from happening in the first place. Due to this, they’ve publicly announced the threat and the solution.
Fabian Vogelsteller, Lead Ðapp developer for the ethereum project, summarizes:
Do not use wallet contracts or owner accounts of those wallets that were created by the Ethereum Wallet 0.4.0 or earlier. If you send to (or interact with) a malicious contract it could take ownership of your wallet contract. Create a new wallet and move your funds.
Ethereum acted quickly and diligently created solutions to avoid those possible threats. Besides creating a new wallet, users are advised to not use any wallet that may be affected or interact with others using the affected wallet. Vogelsteller also suggests creating an extra wallet with no contract connection for your everyday expenses.
Vogelsteller also assured users who simply don’t use their wallets, or engage in any interaction with unknown contracts, are safe.