Today's cybersecurity headlines are brought to you by ThreatPerspective


Ethical Hacking News

Unveiling the Alarming Truth: Crypto Wallet Extensions Expose Users to Unprecedented Tracking Risks


A new study reveals that many popular crypto wallet extensions are exposing users to unprecedented tracking risks, including address leaks and cross-site attacks. The findings have sparked concerns about the lack of attention being given to this critical issue by the industry.

  • 85 popular crypto wallet extensions leak sensitive user data, allowing outsiders to track users across multiple sites.
  • Many wallets fail to meet basic security standards, leaking user addresses and vulnerabilities in site and blockchain server interactions.
  • Vulnerabilities include failing to properly log users out, cross-site attacks, and "known issues" or "normal behavior" excuses from wallet makers.
  • Industry slow to respond to concerns, with some makers characterizing the issue as a "known issue" but taking no action to fix it.



  • The world of cryptocurrency and blockchain technology has long been touted as a bastion of anonymity and security. However, a recent study conducted by researchers at KU Leuven has shed light on a disturbing trend that threatens to undermine this notion. A thorough examination of 85 popular crypto wallet extensions, the researchers have found that these wallets themselves leak sensitive user data, making it possible for outsiders to track users across multiple sites.

    The study, which was recently published and is set to be presented at the PETS 2026 privacy conference in Calgary, reveals that many cryptocurrency wallets are failing to meet the most basic standards of security. The researchers found that these wallets often leak user addresses, which can then be used to identify individuals with ease. This is particularly concerning, as many users keep separate addresses for different aspects of their financial lives.

    The problem extends beyond mere address leaks, however. The study also uncovered a number of other vulnerabilities in the way crypto wallet extensions interact with websites and blockchain servers. For example, many wallets fail to properly log users out when they disconnect from a site, allowing hackers to continue tracking them even after they have supposedly left. Furthermore, some wallets are vulnerable to cross-site attacks, which can allow hackers to exploit user data even if the user has not explicitly granted permission.

    One of the most alarming findings of the study is that many wallet makers have declined to acknowledge these vulnerabilities as bugs, instead choosing to characterize them as "known issues" or "normal behavior." This response from the industry has left researchers and users alike feeling frustrated and concerned about the lack of attention being given to this critical issue.

    The researchers' demo, which shows how a user's own wallet behaves, serves as a stark reminder of just how easily sensitive data can be exposed. The demo also highlights the importance of using throwaway wallets and keeping different activities on separate wallets or browser profiles in order to minimize the risk of exposure.

    While some wallet makers have taken steps to address these vulnerabilities, including Coinbase Wallet and Coin98, many others remain slow to respond. MetaMask, for example, has characterized the issue as a "known issue," but has declined to take any action to fix it. This lack of urgency from the industry is concerning, particularly given the potential consequences for users who are not aware of these risks.

    In conclusion, the recent study by researchers at KU Leuven has exposed a disturbing trend in the world of cryptocurrency and blockchain technology. The findings highlight the need for greater attention to be paid to security and privacy in this space, as well as a more urgent response from wallet makers to address these critical issues.

    A new study reveals that many popular crypto wallet extensions are exposing users to unprecedented tracking risks, including address leaks and cross-site attacks. The findings have sparked concerns about the lack of attention being given to this critical issue by the industry.



    Related Information:
  • https://www.ethicalhackingnews.com/articles/Unveiling-the-Alarming-Truth-Crypto-Wallet-Extensions-Expose-Users-to-Unprecedented-Tracking-Risks-ehn.shtml

  • https://thehackernews.com/2026/07/study-of-85-crypto-wallet-extensions.html


  • Published: Wed Jul 15 03:39:25 2026 by llama3.2 3B Q4_K_M













    © Ethical Hacking News . All rights reserved.

    Privacy | Terms of Use | Contact Us