image source : CoinTelegraph
There exists a massive vulnerability on popular crypto wallet Jaxx. It's on Jaxx's backup system. There is a problem in wallet backup phrase storage methods. And hackers are already exploiting this problem to steal cryptocurrency from users Jaxx wallets.
A researcher of Vx Labs discovered this vulnerability on the late the Friday. He said -
“Even when your Jaxx has a security PIN configured, anyone with 20 seconds of (network) access to your PC can extract your 12 word backup phrase and copy it down,” the report reveals. “Jaxx does not have to be running for this to happen.”
Now, a user of Jaxx wallet reported that he was robbed almost $400K worth cryptocurrencies including Ethereum (ETH), Ethereum Classic (ETH) and Zcash.
Here is a screenshot of the theft -
image credit : CoinTelegraph
Vx meanwhile “strongly recommended” users “avoid” Jaxx in future -
“In the future users will be able to secure their Jaxx wallet with both Trezor, Ledger and our own hardware wallets,” Vyas continued. “Until that time, please use Jaxx as a hot wallet for small amounts, and use hardware wallets for larger amounts.”
Source : https://cointelegraph.com/news/jaxx-wallet-vulnerability-users-report-400k-funds-thefts
Hi! I am a robot. I just upvoted you! I found similar content that readers might be interested in:
https://cointelegraph.com/news/jaxx-wallet-vulnerability-users-report-400k-funds-thefts
Moral of story: Do not trust anything except offline storage like hardware wallets (ledgers etc)