User under the name warith reported missing $60 000 – $70 000 after the installation cryptopolitico wallet Coinomi from the official website.
Spell check ur crypto-currency wallet”s passphrase remotely with #Coinomi 😂https://t.co/xuQnLf0vOyhttps://t.co/nasw8FfmpQ#btc $btc $ltc $xmr $trx $xrp $zcoin $dash $zcash for $gno $eth $ark $bch
— Warith Al Maawali (@warith2020) February 26, 2019
“My main wallet Exodus did not support some of the assets and I decided to move them to Coinomi using the same seed-phrase”, – he writes.
A few days warith noticed that 90% of total assets, bitcoin ETH, tokens, ERC20, LTC and BCH total value up to $70 000 were withdrawn from his Exodus-wallet to a different address. In the wallet were only those assets which were not supported Coinomi.
To understand the situation, warith tracked the application traffic Coinomi and found that at the time of launch, it downloaded the list of words from the dictionary.
“I entered a random seed phrase in the box to restore the wallet and found that in clear text it was transferred to the address googleapis.com to check the spelling.
Everyone connected with the technology and cryptocurrency, you know what 12 random English words can be seed-phrase from crypto.Thus, someone, Google or someone with access to the HTTP requests transmitted to the googleapis.com found a code phrase and used it to steal $60 000 — $70 000 in bitcoin”, – says warith.
The user wrote a post about the incident on Twitter, however, has made Coinomi only evasive answers in personal correspondence. In this regard, warith ready to present the company’s claims, “if it continues to avoid responsibility”.
Some time later, the representative of the Coinomi in an interview with the publication Trustnodes reported that discovered the vulnerability has been fixed and was only a desktop version of the wallet.
“Requests to Google were encrypted and incorrect, which they are not treated. Spell check locally”, he said, promising that the company will soon prepare an official commentary on the incident.
We will remind, earlier in February, a vulnerability was discovered in the Antminer devices S15, which in theory allows attackers to completely take control of the ASIC.
Source
