Image for post
Image for post

More wallet stories in the press today! This time it is Copay, the wallet from BitPay, the US-based bitcoin payments processor that has been compromised.

BitPay made the announcement on Monday saying that it had learnt about the incident from a Copay Github report, which said that “a third-party JavaScript library used by the apps had been modified to load malicious code” as reported by Coindesk.

Versions 5.0.2 through 5.1.0 of the Copay and BitPay wallet apps are the ones affected by the malware that could capture private keys to steal bitcoin and bitcoin cash. But, BitPay also said: “However, the BitPay app was not vulnerable to the malicious code. We are still investigating whether this code vulnerability was ever exploited against Copay users.” BitPay stressed: “Users should assume that private keys on affected wallets may have been compromised, so they should move funds to new wallets (v5.2.0) immediately.”

If you are a BitPay app user, the company advises everyone not to move funds to a new wallet by importing their 12-word backup phrases, since they correspond to “potentially compromised private keys,” adding, “Users should first update their affected wallets (5.0.2–5.1.0) and then send all funds from affected wallets to a brand new wallet on version 5.2.0, using the Send Max feature to initiate transactions of all funds.”

Identity of hacker revealed

It is thought that a ‘developer’ called Right9ctrl is behind the attack. According to ZDNet, Right9ctrl took over maintenance of the NodeJS library, a Javascript library, from somebody who no longer had time to work on it, and that the takeover of the job three months ago, giving Right9ctrl access to the library, was when the malware was inserted into the system.

ZDNet said, “Right9ctrl released Event-Stream 3.3.6 which contained a new dependency — for the Flatmap-Stream library version 0.1.1. The Flatmap-Stream library v0.1.1 is where the malicious code resides.” In response to the attack on Copay wallet apps, those who maintain the npm.org JavaScript package repository have sought to rectify the problem and have taken down the Flatmap-Stream library from their site.

Written by

A blockchain platform that will take banking to another level https://www.lendo.sg

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store