DASH

MyDashWallet is a popular platform for using the DASH cryptocurrency, however, its team is now urging users to abandon it. It seems the service’s security has been compromised for two months now.

DASH’s marketing manager Michael Seitz recently published a forum post that the MyDashWallet platform has been vulnerable for two whole months. According to him, “the hacker was able to obtain private keys used between May 13 and July 12.” For those using MyDashWallet, you may want to never log in again and import your private keys into another wallet.

Similar to MyEtherWallet, MyDashWallet is a JavaScript-run interface intended to make storing and sending DASH easy. It is remarkable that it was compromised for this long without alerting the team.

Dash

Move Funds From MyDashWallet

Seitz suggests that everyone who’s ever used the platform to move their funds to an entirely new wallet which has never been accessed through the MyDashWallet platform. Given what we know so far, “anyone using MyDashWallet.org… should assume their private keys are known by the hacker,” Seitz said.

According to recent reports, there were issues with the platform for a year without proper audits being made. Apparently, MyDashWallet underwent some changes in April of 2018 where an external script was added by a third-party named ‘GreasyFork.’ This was the entry point hackers used to gain access to MyDashWallet and insert malicious code to track private keys. The added code would record and send all private keys that were inputted to an external server where they would be stored.

mydashwallet

Unknown Amount Stolen

It’s currently unknown how much DASH has been stolen as a result of the hack. Right now, the platform is claiming to have lost 143.8 DASH ($17,597), but this is definitely a very low estimation. As of now, the vulnerability does not affect any other third-party wallets.

The Dash Core Group took efforts to distance themselves from the hack and stressed that “at no time was the Dash network itself compromised.” Instead, the code for MyDashWallet was never reviewed by accredited third-parties. It is unlikely that the platform will be able to revive its now-tarnished reputation.

What wallets do you use to make sure your DASH is safe? Let us know your thoughts in the comments below. 


Images courtesy of Shutterstock.

 

As a trusted news outlet in the blockchain and cryptocurrency industry, BeInCrypto
always strives for the highest journalistic standards and adheres to a strict set
of editorial policies. BeInCrypto is an independent website with authors and management
that may personally invest in cryptocurrencies or blockchain startups.

The post MyDashWallet Was Compromised by Hackers for Months appeared first on BeInCrypto.

Source
Author: Anton Lucian

Categories: Altcoins

0