MyAlgo wallet users lost $9.2 million, but the cause remains unknown

MyAlgo wallet users lost $9.2 million, but the cause remains unknown.
Table of Contents

Some users of MyAlgo, a top provider of cryptocurrency wallets for the Algorand network, have experienced a loss of around $9.2 million as a result of an attack that occurred between February 19 and February 21, 2023.

Users lost 9.5 million ALGO coins, 3.5 million USDC stablecoins, and numerous other cryptocurrency tokens, according to information provided by the well-known, self-proclaimed on-chain sleuth ZachXBT. Meanwhile, they said that the ChangeNow cryptocurrency exchange was able to freeze $1.5 million in stolen assets.

MyAlgo wallet insisted that a number of “high-profile” MyAlgo accounts were the victims of the “targeted attack.” They claimed to have been in contact with the victims of the attack since it occurred in order to determine the root cause. 

Users who had mnemonic wallets with the key kept in an internet browser were particularly vulnerable to the hack, according to MyAlgo. A mnemonic wallet typically generates a private key from 12 to 24 words.

MyAlgo Wallet Urged Users to Withdraw Funds

The Algorand-based wallet, however, instructed its users to withdraw funds from any wallet configured with a seed phrase. The platform tweeted the warning on February 27, saying it was still unsure of what caused the most recent wallet attacks and urging everyone to take precautions to safeguard their funds.

MyAlgo wallet users lost $9.2 million, but the cause remains unknown.

It stated,

“Do not rush things, and make sure you are transferring funds or rekeying accounts in a safe manner.”

According to their statements, the attacks took place more than a week ago, and since then, there have been no new movements.

A further update on the attack was also shared on Twitter by John Woods, the CTO of the Algo Foundation, who put the number of victim accounts at around 25. He asserts that no underlying problem with the Algorand protocol or software development kit (SDK) was the cause of the attack.

As a “precautionary measure,” he advised users of a hot wallet with MyAlgo to rekey to a ledger or other third-party wallet. 

D13.co, an Algorand-focused developer collective, also published a report on Feb. 27 that ruled out many potential exploit vectors, including malware and operating system vulnerabilities. According to the analysis, there is a non-zero likelihood that the theft was caused by a hack of the MyAlgo wallet software.

MyAlgo reaffirmed its commitment to cooperating with law enforcement and carrying out a thorough investigation to ascertain the attack’s underlying causes.

RELATED POSTS

Follow us on Social Networks

Crypto Tutorials

Crypto Reviews

Ads