Redditor Claims He Lost His Life Savings Due to Coinomi Wallet Critical Vulnerability

News
Wed, 02/27/2019 - 06:53
article image
Alex Dovbnya
Coinomi Wallet wanted to make sure that the user’s seed phrase didn’t contain spelling mistakes. That cost him $70,000
Redditor Claims He Lost His Life Savings Due to Coinomi Wallet Critical Vulnerability
Cover image via U.Today
Read U.TODAY on
Google News
Contents

Redditor u/warith77 (Warith Al Maawali) claims that he lost all his life savings ($60,000 - $70,000) because Coinomi, a popular multi-coin cryptocurrency wallet, exposed his passphrase to a third-party server. He took the issue to Reddit after Coinomi refused to take responsibility for his loss.

Related
Crypto Exchange COSS Reclaims 11 Mln of Its Stolen Coins from Hackers

90 percent of funds were gone in a snap  

The user encourages everyone to ditch Coinomi given that the critical vulnerability can lead to a similar black swan situation. The security issue was detected after he had already entered his Exodus’s wallet passphrase. Their main application, which was installed by the user on Feb. 14, was not digitally signed. On Feb. 22, he found out that 90 percent of his funds had been stolen. His portfolio included Bitcoin (BTC), Ethereum (ETH), and Litecoin (LTC).  

$70,000 spelling check

When trying to get to the core of the problem, he discovered that the Coinomi‘s ‘Restore Wallet’ textbox sent his seed phrase to googleapis.com for spelling check. Eventually, somebody got access to his passphrase and stole the funds.

Now, Al Maawali promises to take legal actions against Coinomi LTD, the UK-based company, if they don’t take responsibility for this security bug that cost him his life savings.  
 

article image
About the author

Alex Dovbnya (aka AlexMorris) is a cryptocurrency expert, trader and journalist with extensive experience of covering everything related to the burgeoning industry — from price analysis to Blockchain disruption. Alex authored more than 1,000 stories for U.Today, CryptoComes and other fintech media outlets. He’s particularly interested in regulatory trends around the globe that are shaping the future of digital assets, can be contacted at alex.dovbnya@u.today.

thecryptobuds