Matias Sequeira
As a Web3 Security Engineer at Coinspect, I've uncovered and reported multiple vulnerabilities to over 40 wallets in 2023. Previously, I worked as a security researcher and consultant, driven by a passion for meaningful security research.
Sessions
Coinspect uncovered vulnerabilities in over 40 cryptocurrency wallets, with varying severity levels. Many of these vulnerabilities let attackers compromise wallets simply by having users visit attacker-controlled websites, granting access to users' mnemonic phrases or forcing silent transaction signatures.
Along the way, we noticed a common denominator among the multiple vulnerabilities reported: the attack vector, which most of the times required a compromised or malicious DApp to successfully exploit them.
In response, we are developing a tool to detect early signs of DApp compromises, currently being tested with MetaMask Snaps. We invite individuals to a session to delve into these security issues, and our research projects.