The Daily Hodl
  • FEATURES
    • News
    • Bitcoin
    • Ethereum
    • Ripple and XRP
    • Altcoins
    • Trading
    • NFTs
    • Blockchain
    • Futuremash
    • Regulators
    • Scams
    • Crypto 101
  • HODLX
    • Latest Stories
    • FAQ
    • Submit Guest Post
  • INDUSTRY ANNOUNCEMENTS
    • Latest
    • Press Releases
    • ChainWire
    • Sponsored Posts
    • Submit Your Content
  • CRYPTO MARKETS
    • Bitcoin (BTC)
    • Ethereum (ETH)
    • Binance Coin (BNB)
  • BEGINNERS
    • What Is Bitcoin?
    • What Is Blockchain?
    • What Does Hodl Mean?
    • How to Pay Your Bills with Bitcoin
    • Best Bitcoin FAQs
    • Example of Bitcoin’s Purpose
    • Cryptocurrency Has Multiple Meanings
    • Authenticator Alert – Securing Your Crypto
  • SUBMIT
    • Guest Post
    • Press Release
    • Sponsored Post
    • Advertise
  • EMAIL ALERTS
  • DAILY HODL MIX
No Result
View All Result
  • FEATURES
    • News
    • Bitcoin
    • Ethereum
    • Ripple and XRP
    • Altcoins
    • Trading
    • NFTs
    • Blockchain
    • Futuremash
    • Regulators
    • Scams
    • Crypto 101
  • HODLX
    • Latest Stories
    • FAQ
    • Submit Guest Post
  • INDUSTRY ANNOUNCEMENTS
    • Latest
    • Press Releases
    • ChainWire
    • Sponsored Posts
    • Submit Your Content
  • CRYPTO MARKETS
    • Bitcoin (BTC)
    • Ethereum (ETH)
    • Binance Coin (BNB)
  • BEGINNERS
    • What Is Bitcoin?
    • What Is Blockchain?
    • What Does Hodl Mean?
    • How to Pay Your Bills with Bitcoin
    • Best Bitcoin FAQs
    • Example of Bitcoin’s Purpose
    • Cryptocurrency Has Multiple Meanings
    • Authenticator Alert – Securing Your Crypto
  • SUBMIT
    • Guest Post
    • Press Release
    • Sponsored Post
    • Advertise
  • EMAIL ALERTS
  • DAILY HODL MIX
No Result
View All Result
The Daily Hodl
No Result
View All Result

Coinomi Says Redditor Who Reported Losing Life Savings in Crypto Wants Bitcoin ‘Ransom’, Reveals Findings on Potential Security Flaw

by Daily Hodl Staff
February 27, 2019
in Blockchain

The crypto wallet company Coinomi just released its preliminary findings after a user, Warith Al Maawali, reported losing his life savings of $60,000 to $70,000 in digital assets due to a flaw in the platform’s security.

In a post on Reddit, Al Maawali says that after his funds disappeared, he discovered the platform’s desktop wallet was sending users’ seed phrases (a string of words used to access crypto funds) directly to Google through an encrypted request.

“As a result, someone from Google’s team or whoever had access to the HTTP requests that are sent to googleapis.com found the passphrase and used it to steal my $60K-$70K worth crypto assets (at current market price). Anyone who is involved in technology and crypto-currency knows that a 12 random English words separated by spaces will probably be a passphrase to a crypto-currency wallet!”

Coinomi says it has fixed the issue, which is tied to a configuration problem with Google’s spell-check feature.

“The seed phrase wasn’t being transmitted in plain text, instead it was being encapsulated inside a HTTPS request with Google being the sole recipient…

Our engineers immediately tracked down the cause of this issue, which wasn’t a bug in our source code but instead was a bad configuration option in a plug-in used in Desktop wallets only. That plugin enabled the spell-check functionality by default in a recent update and was fixed by the jxBrowser plug-in team just 6 days ago – which is the same day we were contacted by Warith Al Maawali.

All Desktop versions were patched immediately after we received the full disclosure, and we then started further exploring the implications by this issue in order to provide our users with the proper guidance and inform them on the course of action that needed to be taken, if any.”

Coinomi says it has had no other reports of users affected by the issue and says it doubts anyone at Google stole Al Maawali’s funds.

“During these days, Warith Al Maawali repeatedly refused to disclose his findings and kept threatening to take this public if we didn’t pay right away the ransom of 17 BTC which would make up for the ‘hacked’ funds…

We’ve had zero reports of hacked Desktop wallets so far other than Warith Al Maawali’s, which however cannot be sustained by the underlying facts – there is still way to investigate the authenticity of his claim and if the funds were indeed stolen it was much more likely due to an infected host rather than Google itself stealing these funds. If the claim is proven to be false we will seek remedies to set things straight and to prevent their recurrence.”

Coinomi says the issue does not affect Android or iOS users, and desktop wallet users should update their client to the latest version, which fixes the issue.

You can check out Coinomi’s full report here.

[the_ad id="42537"] [the_ad id="42536"]
Check Latest News Headlines


 
Disclaimer: Opinions expressed at The Daily Hodl are not investment advice. Investors should do their due diligence before making any high-risk investments in Bitcoin, cryptocurrency or digital assets. Please be advised that your transfers and trades are at your own risk, and any loses you may incur are your responsibility. The Daily Hodl does not recommend the buying or selling of any cryptocurrencies or digital assets, nor is The Daily Hodl an investment advisor. Please note that The Daily Hodl participates in affiliate marketing.
Submit a Press Release

Industry Announcements

  • Open-Source Blockchain D-Ecosystem Raises $6 Million Ahead of IDO on March 29, 2023
    March 27, 2023
  • Bitget Becomes the First Centralized Exchange To Offer Financial Transparency Through Space and Time
    March 27, 2023
  • OKX Launches Turkish Lira Deposits and Withdrawals
    March 27, 2023
  • Cardano’s Top NFT Marketplace JPG.Store Announces Plans To Empower More Artists Globally
    March 27, 2023
  • Narwhal Finance Secures $1 Million in Seed Funding Led by Animoca Ventures
    March 24, 2023
  • Sports Prediction App Pooky Launches Full Version of Its Play-and-Earn Game
    March 23, 2023
  • StormGain Launches StormGain DEX for User-Friendly Decentralized Crypto Trading
    March 23, 2023
Submit a Guest Post
ADVERTISEMENT
Bitcoin
$27,259.30
$27,259.30
2.83%
Ethereum
$1,716.50
$1,716.50
3.36%
Cardano
$0.345421
$0.345421
3.3%
XRP
$0.477109
$0.477109
5.66%
Dogecoin
$0.073337
$0.073337
1.91%

Spotlight

  • Bitcoin Could Easily Rip by Over 140% Amid Banking Crisis, Says Tether CTO Paolo Ardoino – Here’s the Timeline
    March 25, 2023
  • Coinbase Predicts a Longer Crypto Winter – Cross-Chain Liquidity Can Save the Day
    March 24, 2023
  • $12,000,000,000 Asset Manager Says Investors Flocking to Bitcoin and Crypto Amid Global Banking Fallout
    March 24, 2023
  • Analyst Predicts Ethereum Rival Will Explode by Over 90%, Updates Outlook on XRP, Cardano and Solana
    March 25, 2023
NBX Warsaw Summit Banner
DON'T MISS A BEAT
Crypto headlines delivered daily
to your inbox
BTC, ETH, XRP news alert options
By joining The Daily Hodl news list you agree to our
Terms and Conditions and Privacy Policy.
Featured Image: Shutterstock/Billion Photos

Cryptocurrency news and analysis, covering Bitcoin, Ethereum, Ripple, XRP, altcoins and blockchain technology

Categories

Bitcoin • Ethereum • Trading •
Ripple and XRP • Altcoins •
Blockchain • Regulators •
Scams • Crypto101 • HodlX •
Futuremash •
Industry Announcements

ABOUT US | EDITORIAL POLICY | PRIVACY POLICY
TERMS AND CONDITIONS | CONTACT | ADVERTISE

JOIN US ON TELEGRAM

JOIN US ON TWITTER

JOIN US ON FACEBOOK

COPYRIGHT © 2017-2023 THE DAILY HODL

No Result
View All Result
  • FEATURES
    • News
    • Bitcoin
    • Ethereum
    • Ripple and XRP
    • Altcoins
    • Trading
    • NFTs
    • Blockchain
    • Futuremash
    • Regulators
    • Scams
    • Crypto 101
  • HODLX
    • Latest Stories
    • FAQ
    • Submit Guest Post
  • INDUSTRY ANNOUNCEMENTS
    • Latest
    • Press Releases
    • ChainWire
    • Sponsored Posts
    • Submit Your Content
  • CRYPTO MARKETS
    • Bitcoin (BTC)
    • Ethereum (ETH)
    • Binance Coin (BNB)
  • BEGINNERS
    • What Is Bitcoin?
    • What Is Blockchain?
    • What Does Hodl Mean?
    • How to Pay Your Bills with Bitcoin
    • Best Bitcoin FAQs
    • Example of Bitcoin’s Purpose
    • Cryptocurrency Has Multiple Meanings
    • Authenticator Alert – Securing Your Crypto
  • SUBMIT
    • Guest Post
    • Press Release
    • Sponsored Post
    • Advertise
  • EMAIL ALERTS
  • DAILY HODL MIX

© 2023 The Daily Hodl