Coinomi Claims That Spell Check Bug Couldn’t Result in Loss of Funds

News
Thu, 02/28/2019 - 16:03
article image
Alex Dovbnya
Coinomi admits that there was an issue with their desktop wallet, but it’s highly unlikely that it led to a loss of funds
Coinomi Claims That Spell Check Bug Couldn’t Result in Loss of Funds
Cover image via U.Today
Read U.TODAY on
Google News
Contents

No, Google didn’t steal Warith Al Maawali’s coins. In its Medium blog post, Coinomi denied his allegations, questioning the fact that a single spell check made Maawali lose all his life savings. Maawali, who immediately wanted the company to return him his supposedly lost funds, never proved the authenticity of his claims.

Related
Redditor Claims He Lost His Life Savings Due to Coinomi Wallet Critical Vulnerability

Google didn’t steal anything

In his Reddit post, Maawali implies that Google employees could be behind the hack. His seed phrase was remotely sent to the company’s servers after a spell check request. However, according to Coinomi, the passphrase was sent in the form of an encrypted HTTPS request, which wasn’t processed, cached or stored. Indeed, only Google had the opportunity to read the seed phrase, but the badly formed requests were rejected.

The report is put into question

The vulnerability was fixed by the jxBrowser plug-in team on Feb. 21 when the Coinomi team was contacted by Maawali. After the alleged ‘hack’, Maawali immediately demanded his 17 BTC back while threatening to make things public, which he eventually did on Feb. 26. Given that there is no way to prove the authenticity of Maawali’s claims, he might have never lost his assets in the first place.      

Coinomi emphasizes that their users are safe, but encourages everyone to update their desktop client to the latest version. They also remind users that their desktop wallet has never been hacked.

article image
About the author

Alex Dovbnya (aka AlexMorris) is a cryptocurrency expert, trader and journalist with extensive experience of covering everything related to the burgeoning industry — from price analysis to Blockchain disruption. Alex authored more than 1,000 stories for U.Today, CryptoComes and other fintech media outlets. He’s particularly interested in regulatory trends around the globe that are shaping the future of digital assets, can be contacted at alex.dovbnya@u.today.

thecryptobuds