Major Crypto Wallets Unite to Combat Phishing Attacks as $400M Stolen
In a move aimed at protecting cryptocurrency users from increasingly sophisticated phishing attacks, major crypto wallet providers MetaMask, Phantom, and others have joined forces with the Security Alliance to launch a global real-time phishing defense network.
The partnership is a significant development in the fight against cybercrime, following a staggering $400 million worth of stolen cryptocurrencies in the first half of 2025. According to CertiK, phishing attacks accounted for the highest number of security incidents during this period, leaving users vulnerable to scammers' tactics.
A Decentralized Immune System for Crypto Security
"We've joined forces to launch a global phishing defense network that can protect more users across the entire ecosystem," said the MetaMask team on Wednesday. The new defense network is part of a larger effort to create a decentralized immune system for crypto security.
The "decentralized immune system" includes MetaMask, Phantom, WalletConnect, and Backpack – four major crypto wallet providers that will work together to identify and block malicious phishing attempts in real-time. This collaborative approach aims to provide an additional layer of protection against the evolving tactics used by crypto phishers.
The Role of SEAL's Verifiable Phishing Reports
The new defense network will operate in tandem with SEAL's "verifiable phishing reports" system, which was announced last week. This system enables security researchers to prove that malicious websites actually contain the phishing content users claim to see.
"Drainers are a constant cat and mouse game," said Ohm Shah, a security researcher at MetaMask. "Working alongside SEAL allows wallet teams to be more agile and apply research to practice, effectively throwing a wrench at the drainer's infra."
Deploying on Multiple Wallets for Enhanced Protection
The partnership enables an end-to-end pipeline where user-submitted reports are automatically validated and shared across all participating wallets. This means that anyone with a valid report can trigger a phishing warning across network participants in real-time, without needing special permissions.
A Growing Problem: Crypto Drainers Evading Traditional Defenses
Crypto drainers have been evolving their tactics to evade traditional defenses. New methods include rotating landing pages faster when blocklists are updated, moving to offshore hosting when infrastructure providers crack down, and using cloaking techniques to avoid automated scanning.
A Shift in Tactics: Wallets Adapt to Counter Phishing Attacks
"Drainers are a constant cat and mouse game," said Ohm Shah. "Working alongside SEAL allows wallet teams to be more agile and apply research to practice, effectively throwing a wrench at the drainer's infra." This shift in tactics highlights the importance of collaboration and innovation in combatting cybercrime.
A New Era for Crypto Security
The launch of this global phishing defense network marks a significant milestone in the fight against crypto security threats. By working together, major crypto wallet providers can create a more resilient ecosystem that protects users from emerging phishing threats.