MetaMask, Phantom, and other leading crypto wallets have teamed up with the Security Alliance to establish a global phishing defense network, as crypto phishers have stolen upwards of $400 million in the first half of 2025.
“We’ve collaborated to create a global phishing defense network that can safeguard more users throughout the entire ecosystem,” stated the MetaMask team on Wednesday.
SEAL mentioned that the new defense network would “allow us to build a decentralized immune system for crypto security where anyone from around the globe can help prevent the next significant phishing attack.”
This “decentralized immune system” comprises MetaMask, Phantom, WalletConnect, and Backpack.
It will work alongside SEAL’s “verifiable phishing reports” system, which was unveiled last week. This new tool allows security researchers to verify that malicious websites do indeed contain the phishing content that users report.
The battle against crypto drainers
The escalating issue involves crypto drainers, which have been adapting their strategies to bypass traditional defenses, explained SEAL.
New tactics for attracting victims include rapidly rotating landing pages when blocklists are updated, shifting to offshore hosting when service providers impose restrictions, and employing cloaking techniques to evade automated scanning.
Related: Crypto hack losses down 37% in Q3 as tactics shift to wallets
“Drainers are an ongoing cat-and-mouse game,” said Ohm Shah, a security researcher at MetaMask.
Collaborating with SEAL enables wallet teams to be more nimble and put research into action, “effectively disrupting the drainer’s infrastructure,” he added.
Deploying on as many wallets as possible
The partnership facilitates an end-to-end pipeline where user-submitted reports are automatically validated and disseminated across all participating wallets, ensuring immediate protection against new phishing threats.
“Any individual with a valid report can trigger a phishing alert across network participants in real time and without needing special permissions,” SEAL clarified.
“This results in quicker response times to new phishing threats and increased funds saved. We aim to spread this data to as many wallets as possible.”
Phishing attacks constituted the highest number of security incidents in the initial half of this year and have resulted in over $400 million in stolen crypto, according to CertiK.
Magazine: Ether’s price to go ‘nuclear,’ Ripple seeks $1B XRP buy: Hodler’s Digest
