Crypto Game
  • Advertise
  • Submit a Press Release
  • Contact Us
Blockchain & Cryptocurrencies Tabloid
  • Finance & Blockchain News
  • Bitcoin News

    Strategy’s Potential S&P 500 Inclusion Hinges on Bitcoin Stability

    Strategy’s S&P 500 Eligibility Hinges on Bitcoin Price Stability

    Michael Saylor’s Strategy Nears S&P 500 Inclusion

    Michael Saylor Advocates Ending Bitcoin Mining Double Taxation

    Michael Saylor Advocates Ending Bitcoin Miner Double Taxation

    Michael Saylor, Sen. Lummis Urge End to Bitcoin Mining Taxes

  • Altcoin News
    • All
    • Bitcoin Cash
    • Cardano
    • EOS
    • Ethereum
    • Litecoin
    • Monero
    • Ripple
    • Stellar

    Robinhood Executes Tokenized OpenAI Share Transfer via Arbitrum

    Robinhood Successfully Transfers OpenAI Shares via Arbitrum

    Robinhood Transfers OpenAI Shares via Arbitrum

    Robinhood’s Vlad Tenev Confirms OpenAI Share Transfer via Arbitrum

    Ripple Agrees to $125M Settlement, SEC to Withdraw Appeal

    US SEC Delays Ethereum ETF Staking Decision

    Trending Tags

    • Ethereum
    • Bitcoin Cash
    • Litecoin
    • Monero
    • Ripple
  • Crypto 101
    • All
    • Cryptocurrencies
    • Exchanges
    • Services
    • Wallets
    Benefits Of Choosing the Right AI Trading Bot

    4 Benefits Of Choosing the Right AI Trading Bot

    Crypto Trading

    A Beginner’s Guide to Crypto Trading: Unlocking the World of Digital Coins

    BitcoinGames.com

    BitcoinGames.com Introduces the Ultimate Casino Gaming Experience with Bitcoin

    How AI is Helping Athletes and Fans Get the Most out of the Game

    From Training to Judging, AI is Entering the Ring

    Top 5 Websites for Buying Gift Cards with Crypto

    Clutch Savours – Gift Certificates You Can Buy with Crypto

    Layer 2 Blockchains

    Everything You Need To Know About Layer 2 Blockchains

  • Blockchain Events
No Result
View All Result
Blockchain & Cryptocurrencies Tabloid
No Result
View All Result

Major Coinomi Wallet Vulnerability Exposed

Anca F. by Anca F.
February 27, 2019
in Latest News
Coinomi vulnerability

A critical vulnerability was found in the crypto mobile wallet Coinomi when a user lost $60k-70k of cryptocurrency after he installed the app. According to users, the platform sent plain text seed phrases to Google API for spellchecking.

IT security consultant, Warith Al Maawali, is the person attributed to first discovering the problem. But he made this discovery at the cost of his own crypto, and because of this he made a website avoid-coinomi.com detailing the events and cautioning others to not use the service.

“First of all I admit it was my mistake trusting Coinomi wallet by inserting one of my main wallets (Exodus wallet) passphrase into their application,” Al Maawali wrote on his website.

“I wanted to shift some of the assets that were not supported by Exodus wallet using the same passphrase/seed.”

The consultant went on to explain that their main application, which was installed on February 14 by the user, was not digitally signed, and he alerted the Coinomi team through Twitter about this issue- but he had already entered his passphrase for his Exodus wallet into the non-signed one.

He noticed afterward on February 22nd that “more than 90% of my Exodus wallet assets were transferred to multiple wallet addresses and the first transaction began with BTC on 19th February 2019 around UTC 3:30 AM. Then followed by ETH (including ERC20 tokens), LTC and finally BCH.”

When he began delving deeper into the matter, he found out that the entire passphrase, which was written in plain text, was sent to a third party domain (googleapis.com) for spellchecking purposes.

“As a result, someone from Google’s team or whoever had access to the HTTP requests that are sent to googleapis.com found the passphrase and used it to steal my USD 60K – USD 70K worth crypto assets (at current market price). Anyone who is involved in technology and crypto-currency knows that a 12 random English words separated by spaces will probably be a passphrase to a cryptocurrency wallet,” u/warith wrote.

He alerted Coinomi of what he discovered, but he did not get the response he was expecting.

“Coinomi’s team did not reflect any responsible behavior and they kept asking me about the technical issue behind the bug because they were worried about their public image and reputation. They kept reminding me (kinda threatening me) of the legal implications if I go public with the information I have and they forgot their legal responsibility for my stolen crypto assets as well as the risk that impacts other users of the wallet.”

The user said he will be taking legal action against Coinomi LTD, should the company not take assume fault for the technical issue that has caused him financial damage. He also received a reward from Coinomi for finding the bug, but he is not satisfied with the response given to him in relation to his lost funds.

Coinomi apparently solved the bug and kept quiet. They have identified the addresses and blacklisted them, and the funds have not been touched since the incident.

This isn’t the first privacy breach Coinomi has experienced. Last year, user addresses were leaked by the wallet in plain-text on opening.

Tags: Coinomi walletCoinomi wallet vulnerabilitylost fundsSecurity bug
Previous Post

Wirex Extends Support to Include 10 New Fiat Currencies

Next Post

Best Cardano Wallets: Where to Store Your ADA

Anca F.

Anca F.

Related Posts

Michael Saylor’s Strategy Nears S&P 500 Inclusion

by Solomon M.
July 1, 2025

Strategy, led by Michael Saylor, eyes S&P 500 inclusion, impacting Bitcoin and traditional finance.

Robinhood Completes Transfer of OpenAI Shares on Arbitrum

by Solomon M.
July 1, 2025

Robinhood successfully transfers tokenized OpenAI shares using Arbitrum blockchain, marking a significant move in democratizing private company shares.

Sparkassen to Launch Crypto Trading Services in 2026

by Solomon M.
July 1, 2025

Germany's Sparkassen plans to offer crypto trading by 2026, marking a strategic shift for the bank.

Germany’s Sparkasse Plans to Launch Crypto Services by 2026

by Solomon M.
June 30, 2025

Germany's largest bank, Sparkasse, to offer crypto trading to 50 million clients by 2026.

Trump Urges Federal Reserve to Cut Interest Rates to 1%

by Solomon M.
June 30, 2025

Donald Trump pressures the Federal Reserve to reduce interest rates to 1%, citing economic concerns. This move could significantly impact...

BitMine Secures $250M for Ethereum Treasury Launch

by Solomon M.
June 30, 2025

BitMine raises $250M for Ethereum corporate treasury, marking a major shift in crypto asset strategies.

We Recommend

Top Rated Casinos
Bitstarz Casino

BitcoinCasino.io
Top Crypto Betting
1xBit.com
Top Rated Exchanges
Binance Exchange

Bityard.com
Top Advertising Services
Coinzilla Display Network
Top Crypto Wallets
Ledger Nano X

  • Terms and Conditions
  • Privacy Policy
  • Advertise
  • About Us
  • Contact Us

© 2018-2019 theccpress.com by Brantell Media.

No Result
View All Result
  • Finance & Blockchain News
  • Bitcoin News
  • Altcoin News
  • Crypto 101
  • Blockchain Events

© 2018 - 2019 theccpress.com, a Brantell Media project.

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.