Strange “Spell Check Bug” Found In Coinomi Wallet

The victim, Warith Al Maawali, claims that a text box built into the Coinomi wallet sent his seed phrase to Google’s online spell check service. Since a seed phrase can be used to gain access to a wallet, handling data in this way is a major risk. Al Maawali claims that the bug was used to steal $60,000 of cryptocurrency from his wallet.

The Bug Has Been Confirmed

Al Maawali also says that Coinomi has “refused to take responsibility,” which has forced him to reveal the problem publicly. Coinomi itself has now responded, admitting that Google spell checks did occur due to a “bad configuration” in one of the wallet’s plug-ins. However, Coinomi also says that this function sent text securely, and that Google actually rejected the data.

Actual Exploit Up For Debate

Not everyone believes Al Maawali’s story. Since Coinomi’s wallet never sent data to a non-secure location, Al Maawali believes that a “Google employee, or whoever has control over the data,” gained access to his seed phrase and stole his funds. Of course, the idea that Google employees are stealing cryptocurrency is an extraordinary claim.

That claim is not entirely impossible, but few people are prepared to believe it. Although Al Maawali has demonstrated the spell check bug in a video, he can only prove that the data reached Google, not that Google employees actually stole his data. In other words, it is possible that the bug exists, but was never really exploited by an attacker.

Instead, many suspect that Al Maawali’s cryptocurrency was stolen by more common means. Some believe that his computer was infected by spyware or malware, while others believe that he leaked his seed phrase elsewhere. However, Al Maawali’s critics ultimately have no more proof than he does, meaning that the conflict may never be resolved.

Are Software Wallets Safe?

Even though exchanges and web wallets are usually the focus of security concerns, software wallets can also carry vulnerabilities. Some of these attacks are quite creative: the Electrum wallet, for example, recently fell victim to a convincing phishing attack when attackers used notification boxes to promote a fake update and steal user keys.

The bottom line is that storing cryptocurrency on any device connected to the Internet gives attackers a potential way to steal it. Although software wallets are generally safe, they are still sometimes vulnerable. Hardware wallets are safer still, but even they have faced criticism, meaning that wallet security is never 100% certain.

 

source: https://unhashed.com/cryptocurrency-news/strange-spell-check-bug-found-in-coinomi-wallet/
