MyAlgo users urged to withdraw as cause of $9.2M hack remains unknown

0

The Algorand wallet provider said it still hasn’t determined the cause of the attack, urging users to withdraw funds from wallets created with a seed phrase.

A wallet provider for the Algorand (ALGO) network, MyAlgo, has warned its users to withdraw funds from any wallets created with a seed phrase amid an ongoing exploit that has seen an estimated $9.2 million worth of funds stolen.

MyAlgo tweeted the advice on Feb. 27 adding it still doesn’t know the cause of the recent wallet hacks and encouraged “everyone to take precautionary measures to protect their assets.”

Earlier on Feb. 27 the team tweeted a warning of a “targeted attack […] carried out against a group of high-profile MyAlgo accounts” which has seemingly been conducted over the past week.

The self-titled “on-chain sleuth,” ZachXBT, outlined in a Feb. 27 tweet that it’s suspected the exploit has pilfered over $9.2 million and crypto exchange ChangeNOW was able to freeze around $1.5 million worth of funds.

Particularly susceptible to the exploit were users who had mnemonic wallets with the key stored in an internet browser according to MyAlgo. A mnemonic wallet typically uses between 12 and 24 words to generate a private key.

John Wood, chief technology officer at the networks governance body the Algorand Foundation, took to Twitter on Feb. 27, saying around 25 accounts were affected by the exploit.

He added the exploit “is not the result of an underlying issue with the Algorand protocol” or its software development kit.

Related: $700,000 drained from BNB Chain-based DeFi protocol LaunchZone

Algorand-focused developer collective D13.co released a report on Feb. 27 that eliminated multiple possible exploit vectors such as malware or operating system vulnerabilities.

The report determined the “most probable” scenarios were that the affected users’ seed phrases were compromised through socially engineered phishing attacks or MyAlgo’s website was compromised that lead to the “targeted exfiltration of unencrypted private keys.”

MyAlgo stated it would continue to work with authorities and would conduct a “thorough investigation to determine the root cause of the attack.”

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert

Bitte geben Sie den Coingecko Free Api Key ein, damit dieses Plugin funktioniert

Subscribe To The Latest Crypto News

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

World Wide Crypto will use the information you provide on this form to be in touch with you and to provide updates and marketing.