Komodo (KMD) a distributed ledger technology (DLT) project that claims to be highly secure, independently scalable and fully interoperable, announced in a blog post on June 5, 2019, that it was alerted of a security issue in one of the libraries used by the Agama wallet which could have potentially put the funds of some users at risk. It has, however, taken measures to secure the funds held within the vulnerable wallets.
Komodo Hacks itself to Fix Security Loophole
Per the blog post, the Komodo team has revealed that its attention was brought to a security issue in one of the libraries used by the Agama wallet and it could have potentially been exploited by hackers to steal the KMD tokens of some users.
However, the blockchain project’s cybersecurity team promptly responded to the issue by exploiting the same loophole which would have been used by bad actors to take control of several affected seeds.
The Komodo team says it has successfully swept 8 million komodo (KMD) and 96 bitcoin (BTC) from the vulnerable wallets and the digital assets have been stored securely in two of its wallets: (KMD) RSgD2cmm3niFRu2kwwtrEHoHMywJdkbkeF and (BTC) 1GsdquSqABxP2i7ghUjAXdtdujHjVYLgqk.
The funds can be reclaimed by their respective owners after checking either address to confirm that their funds were sent to it followed by filling a form.
Pre-emptive Measures to Secure Funds
Users whose wallet have not been swept or who control other assets besides KMD and BTC have been advised to move their funds to a new address entirely.
Specifically, they are to migrate to a wallet such as the Verus version of Agama wallet or the latest Verus version which Komodo says “is not affected by this vulnerability and is still completely secure”.
Other wallets which have been tagged “safe” and recommended for use by the blockchain project include KomodoOcean QT and the Ledger hardware wallet.
Another category of wallets which has been proposed for use but tagged “not ideal” because of their closed source nature are third-party wallets such as Magnum, Zelcore, Chameleon, Coinomi, Pungo, and Guarda.
On the contrary, users have been advised to stay away from all versions of the Agama wallet downloaded from the official site, Agama mobile wallet for Android and iOS devices, and the atomic explorer wallet.
Hacks and heists are fast becoming synonymous with the cryptospace and it appears nothing is entirely “unhackable” in the cryptosphere.
BTCManager on May 11, 2019, informed that Binance, a Malta-based cryptocurrency exchange had been hacked, gifting the cyberpunks over $40 million worth of bitcoin.