Several Bitcoin Wallets Compromised to Steal Bitcoin funds

Several Bitcoin Wallets Compromised to Steal Bitcoin funds

Bitcoin News
November 27, 2018 by Sandra Onyeiwu
1254
Global bitcoin payment service provider, BitPay announces that its open source bitcoin wallet Copay has been attacked and exposed to malicious code with the intent to steal Bitcoin (BTC) and Bitcoin Cash (BCH) funds. Someone managed to inject malicious code into versions 5.0.2 through 5.1.0. The BitPay app itself was not affected. The issue was
Bitzamp


Global bitcoin payment service provider, BitPay announces that its open source bitcoin wallet Copay has been attacked and exposed to malicious code with the intent to steal Bitcoin (BTC) and Bitcoin Cash (BCH) funds.

Someone managed to inject malicious code into versions 5.0.2 through 5.1.0. The BitPay app itself was not affected.

The issue was spotted by Github user developer, who posted the issue on Github early on Monday, but only today have researchers been able to understand what the heavily obfuscated malicious code actually does.

The malicious code is named Event-Stream, a JavaScript npm package for working with Node.js streaming data. This is an extremely popular JavaScript library, with over two million weekly downloads on the npm.org repository, but about three months ago, its original author, due to a lack of time and interest, handed its development over to another programmer named Right9ctrl.

The attack has affected Copay and other major bitcoin wallets. Copay’s open source code is used by many crypto applications as well, so it has the potential to affect far more than just bitcoin wallets.

There’s a possibility that BitPay, one of the world’s largest bitcoin payment processing companies, was also affected by this attack. BitPay built and maintained Copay.

Do not open the program if you are using those versions of the wallet.

Instead, update to the new 5.2.0 version first, then use that version to remove all funds and send them to a new wallet. You can either generate a brand new wallet with the 5.2.0 version or send funds to a different wallet. Do not use the recovery phrases or anything else from the compromised versions. BitPay is still investigating whether any users were affected.

Get Bitzamp Latest Update By Downloading our Mobile App: Bitzamp – Cryptocurrency News – Apps on Google Play


Join Us On Telegram | Twitter | Facebook


Add a Comment