Researchers exploit crypto wallet bug before hackers to save customer funds

News by Robert Abel

A cryptocurrency startup exploited a backdoor in its own platform to protect its customers' funds after threat actors had spotted and attempted to exploit the flaw.

Researchers at the npm Inc security team discovered a backdoor in the Agama cryptocurrency wallet on the Komodo platform during a security audit of the platform. 

"This attack focused on getting a malicious package into the build chain for Agama and stealing the wallet seeds and other login passphrases used within the application," npm researchers said in a blog post on 5 June. 

Upon further investigation, the researchers identified a malicious update that led them to the discovery of a supply chain attack aimed at another app downstream, which was exploiting the newly discovered backdoor.

Researchers used the same vulnerability to seize its users' funds, 8 million KMD and 96 BTC collectively worth nearly US$13 million (£10 m), and transport them to safety before the threat actors could gain access to them. The vulnerable wallet has since been discontinued, and those who were affected are advised to create new KMD and BTC addresses that use new seeds and passphrases.

This article was originally published on SC Media US
