Algorand Wallet Urges Users To Withdraw Funds After $9.6M Exploit
MyAlgo, an Algorand-based wallet service, has advised customers to withdraw money from any wallets they may have made using a mnemonic phrase as the business is still looking into an issue that resulted in a $10 million loss.
The wallet provider alerted users through Twitter on February 26 that “a targeted assault was carried out against a bunch of high-profile MyAlgo accounts.”
It appears that the attacked users all had significant funds in their accounts and were using mnemonic wallets with the key stored in the browser. None were using hardware wallets.
— MyAlgo (@myalgo_) February 26, 2023
MyAlgo went on to say that the people that were attacked were using mnemonic hot wallets with private keys saved in the browser and had substantial sums of assets in their accounts. The attack did not impact users using hardware wallets, the researchers claimed.
The wallet provider declared that it assisted the authorities and the impacted parties in investigating the event. Nonetheless, the company strongly encouraged all users to move any money from seed phrase wallets kept in MyAlgo in a Monday update since it is still unsure of what caused the breaches.
IMPORTANT: We strongly advise all users to withdraw any funds from Mnemonic wallets that were stored in MyAlgo. As we still don’t know the root cause of recent hacks, we encourage everyone to take precautionary measures to protect their assets. Thank you for your understanding.
— MyAlgo (@myalgo_) February 27, 2023
ZachXBT, a blockchain investigator, claims that the hacker took from victims 9.6 million USDC and 19.5 million ALGO, totaling $9.6 million.
Nevertheless, once the attacker attempted to use the platform to launder the assets, centralized exchange ChangeNow could freeze $1.5 million of the stolen monies.
I haven’t seen many posts about this on CT yet but it’s suspected over $9.2m (19.5M ALGO, 3.5m USDC, etc) has been stolen on Algorand as a result of this attack from Feb 19th to 21st.
ChangeNow shared they were able to freeze $1.5m. https://t.co/BPCXTUD57n pic.twitter.com/A3t7Ss0e83
— ZachXBT (@zachxbt) February 28, 2023
John Wood, the chief technology officer of Algorand, stated that the event affected 25 wallets but added that there was no “underlying problem with the Algorand network or SDK” that contributed to the exploit.
1/n Update on the exploit impacting ~25 accounts: from our investigation, this is not the result of an underlying issue with the Algorand protocol or SDK.
— John Woods (@JohnAlanWoods) February 27, 2023
When the investigation is complete, the CTO promised to provide an educational film outlining how the vulnerability occurred and how consumers may safeguard themselves.
The post Algorand Wallet Urges Users To Withdraw Funds After $9.6M Exploit appeared first on Crypto Academy.
Filed under: Bitcoin - @ March 1, 2023 11:17 am