In an unusual attempt to protect its customers from getting hacked, Komodo Platform, a cryptocurrency startup hacked itself. When it found out about a vulnerability present in its mobile wallet application named Agama, Komodo hacked it by exploiting the vulnerability to exfiltrate about $13 million of its customers’ funds before an outside group could.
The company stated that it received a notification on June 4, 2019, at 5 pm UTC from the security firm npm about a malware threat targeting the users of its cryptocurrency wallet Agama and helped protect over $13 million USD in cryptocurrency assets. Komodo said the attack was focused on injecting malware to steal the wallet seeds and other login passphrases used within the application.
“It now seems clear that the bug was created intentionally to target Komodo’s version of Agama wallet. A hacker spent several months making useful contributions to the Agama repository on GitHub before inserting the bug. Eventually, the hacker added malicious code to an update of a module that Komodo’s Agama was already using,” Komodo said in a statement. “The update contained malicious code that stored all seed phrases on a public server. The hacker saved the seed phrases on a public server to obscure his/her identity and to create a scenario where anyone could be a suspect when the vulnerability was finally exploited.”
Komodo has notified the affected users about the hack and informed the process of reclaiming the funds.
There have been multiple breaches reported by cryptocurrency exchanges in recent times. In a major security breach, hackers stole over $40 million worth of Bitcoin from the popular cryptocurrency exchange Binance. The Taiwanese company stated it discovered the breach on May 7, 2019, at 17:15:24 (UTC), in which hackers illegally obtained over 7,000 Bitcoins by using a variety of attack methods, including phishing, viruses, and other attacks.
According to Binance, hackers also accessed several user API keys, 2FA codes, and other information. Following the hack, the exchange suspended all the operations temporarily and assured that it will refund the affected customers in full. In February 2019, crypto brokerage platform Coinmama notified users that it suffered a security breach which affected around 450,000 users’ emails and hashed passwords. The company stated that a few unknown intruders compromised customer data and kept for sale on a dark web registry.
Similarly, Cryptopia lost nearly 19,390 ETH tokens in a cyber-attack. According to reports, the hackers have been sending their loot to popular crypto exchanges with Bitbox, Binance, and Huobi seeing the most withdrawal volumes. It is estimated that out of the $16 million stolen by hackers nearly $900,000 have been withdrawn.
