Share this article
Ethereum Browser Bug Could Put User Funds At Risk
Using ethereum browser Mist may put cryptocurrency private keys at risk, according to an Ethereum Foundation blog post.
Updated Sep 13, 2021, 7:16 a.m. Published Dec 15, 2017, 12:05 p.m.
Using ethereum browser Mist may put cryptocurrency private keys at risk, according to an Ethereum Foundation blog post published today.
The threat arises from a newly discovered vulnerability, which the blog post classifies as "high severity," and impacts all existing versions of the browser. However, Mist browser compatible Ethereum Wallet is not affected, the post clarifies.
STORY CONTINUES BELOW
Don't miss another story.Subscribe to the Crypto Daybook Americas Newsletter today. See all newsletters
As a result, Mist users are urged to avoid "untrusted" websites, and to default to Ethereum Wallet to manage any funds.
The vulnerability stems from the underlying software framework, Electron. Electron's delay in upgrading to correct known security issues has led to "an increasing potential attack surface as time passes," the post's author, Mist developer Everton Fraga, said.
As a result, Mist is considering migrating to a fork of Electron from Brave – named Muon – that has a more frequent release schedule.
In the post, Fraga stressed that Mist is still in beta mode, and users that engage with the browser do so without warranty.
He said:
"The Mist Browser beta is provided on an "as is" and "as available" basis and there are no warranties of any kind, expressed or implied, including, but not limited to, warranties of merchantability or fitness of purpose."
The developer further described security as a "never-ending battle" in browser development, writing: "making a browser (an app that loads untrusted code) that handles private keys is a challenging task."
Sponsored by the Ethereum Foundation, Mist is the most popular ethereum browser for browsing decentralized applications (dapps).
Code image via Shutterstock
More For You
What to know:
- As of October 2025, GoPlus has generated $4.7M in total revenue across its product lines. The GoPlus App is the primary revenue driver, contributing $2.5M (approx. 53%), followed by the SafeToken Protocol at $1.7M.
- GoPlus Intelligence's Token Security API averaged 717 million monthly calls year-to-date in 2025 , with a peak of nearly 1 billion calls in February 2025. Total blockchain-level requests, including transaction simulations, averaged an additional 350 million per month.
- Since its January 2025 launch , the $GPS token has registered over $5B in total spot volume and $10B in derivatives volume in 2025. Monthly spot volume peaked in March 2025 at over $1.1B , while derivatives volume peaked the same month at over $4B.
More For You
Crypto Markets Today: Fed Rate-Cut Hopes Lift BTC, ETH as Traders Brace for Volatility
Crypto markets are firm ahead of Wednesday’s Federal Reserve decision, with a 25 basis-point interest-rate cut already priced in.
What to know:
- Risk assets are buoyant ahead of the Fed, but rate decisions often trigger sharp intraday swings and a “sell-the-news” dip remains possible.
- Bitcoin sits at $92,300 and has spent the past week between $88,000 and $94,500; a break of either bound may set up the next move.
- Ether is outperforming post-Fusaka upgrade, but broader altcoin sentiment is weak with CoinMarketCap's altcoin season index at 16/100. HYPE, STRK, KAS and APT lead declines while AI token FET rebounds.
Top Stories
