Connect with us

Internet

Crypto Startup Hacks Itself to Save $13 Million in Users’ Cryptocurrency

Published

on

In an interesting tale of quick thinking, a cryptocurrency startup claims to have hacked its own customers to save their funds from a malicious third-party. Apparently, Komodo, which is a crypto-platform, discovered a vulnerability in its Agama Wallet, which potentially put funds of several Agama users at risk. In order to save these funds from hackers, for whom the impacted wallets would have been easy-pickings, Komodo used the same vulnerability to hack the user wallets and save as much as 8 million Komodos or KMD (which is roughly $12.48 million or Rs. 86.6 crores) and 96 Bitcoins or BTC (which is roughly $765,000 or Rs. 5.3 crores).

As per a blog post on Komodo’s official website, the blockchain platform on Wednesday was informed about an issue with one of the libraries used by the Agama wallet. This issue had potentially put the consumers using the Agama wallet to store their cryptocurrencies at risk. Without waiting to make and release a patch and then hoping for the customers to apply it, the Komodo team decided to hack the wallets themselves before someone else can and transfer all the cryptocurrency to themselves in an effort to save it.

Komodo says the collected funds are present in RSgD2cmm3niFRu2kwwtrEHoHMywJdkbkeF (KMD) and 1GsdquSqABxP2i7ghUjAXdtdujHjVYLgqk (BTC) wallets and can be reclaimed by their owners. The consumer whose funds have been transferred to the company can use this form to reclaim them.

According to Komodo, all Agama Wallets downloaded from its website, Atomic explorer wallet, and Agama Mobile wallets are affected by the vulnerability. The Verus Agama, KomodoOcean QT, and Ledger Hardware wallet are not impacted.

Although the Komodo blog post doesn’t include any technical details of the vulnerability, npn package manager’s team has shared some information. npn’s service was used to push a malicious dependency to Agama wallet.

“The attack was carried out by using a pattern that is becoming more and more popular; publishing a “useful” package (electron-native-notify) to npm, waiting until it was in use by the target, and then updating it to include a malicious payload,” npm team wrote in a blog post.

Source link

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Internet

New Samsung Galaxy Z Fold 3 renderings leak showing off all angles

Published

on

One of the most anticipated smartphones from Samsung that fans are looking forward to is the Galaxy Z Fold 3. The foldable flagship smartphone is set to launch on August 11, and ahead of that launch, we have some details that have surfaced via various leaks. Now some additional renderings of the smartphone have leaked, showing almost all angles of … Continue reading

Continue Reading

Internet

Volocopter 2X completed its first US public crewed test flight

Published

on

Each year the Experimental Aircraft Association (EAA) holds a massive air show in Wisconsin called AirVenture. At AirVenture 2021, the Volocopter 2X eVTOL aircraft had a very successful and important milestone flight. At the show, the aircraft had its first-ever public crewed test flight of the fully electric vertical take-off and landing air taxi in the US. Volocopter says the … Continue reading

Continue Reading

Internet

AirTag battery safety puts Apple in a quandary

Published

on

Apple’s privacy-respecting item tracker is like a ping-pong of good news, bad news revelations. Apple has made its AirTags so easy to use that there have been concerns about the security of the Find My network. The small discs are small enough to place anywhere but require a separate accessor to hook into objects unless you take the ill-advised route … Continue reading

Continue Reading

Trending