Advertisement
AD

Main navigation

Hackers Compromise BitPay’s Wallet, Adding Malware to the Code

Advertisement
Tue, 27/11/2018 - 13:15
Hackers Compromise BitPay’s Wallet, Adding Malware to the Code
Cover image via U.Today
Read U.TODAY on
Google News
Contents
Advertisement

BitPay has announced through GitHub that some hacker modified part of its Copay wallet’s software to upload some malicious code into it.

BitPay’s app remains secure

The hacker installed the virus on the wallet’s modifications 5.0.2 up to 5.1.0 of Copay and BitPay’s crypto storage apps. Experts believe this malicious code can be utilized for stealing private keys in order to get hold of customers’ BTC and BCH coins.

BitPay reps assure that the company’s app proved to be not vulnerable to the hackers’ attempts to compromise it. But currently they are busy researching if any damage has been done to the users of Copay’s platform.

Related
Ledger ‘Cold’ Wallet Expands to New York to Build Custody Service for Institutional Investors

Secure update already released

The company urges its customers not to switch on their Copay wallets if it is versions 5.0.2 – 5.1.0 that they use. BitPay and Copay together have already managed to create and release an improved wallet – the 5.2.0 version, which does not contain any malicious codes and can be used by all customers of both BitPay and Copay. The companies assure that the updated version of the wallet will appear in online stores instantly.

BitPay has warned their clients that since keys on the infected wallets were probably copied, they had better transfer their crypto to the new version of the Copay wallet as soon as possible. The company also noted that users should not import their seed phrases made up of 12 words, since they too can be compromised and serve as a way to restore lost crypto.

The recommended way to transfer their coins from old vaults to the new ones is the Send Max feature, suggests BitPay.

The main suspect

It is believed that the trouble was initiated by a fake developer nicknamed Right9ctrl. He took over maintaining the NodeJS library from the guy who created it but could no longer devote time to work on the library. The latter reportedly took place a quarter of a year ago. Back then, the fake developer got access to the library and infected it with malware.

Advertisement
TopCryptoNewsinYourMailbox
TopCryptoNewsinYourMailbox
Advertisement

Latest Press Releases

Our social media
There's a lot to see there, too

Popular articles

Advertisement
AD