A hacker or group of hackers have managed to bypass the security measures of MyDashWallet's crypto wallet service. The wallet has apparently been attacked for two months - between May 13 and July 12, 2019. According to the official MyDashWallet website, the vulnerability has already been patched (in Chrome, Firefox, Edge, Android and iOS browsers).
How did the attack happen? The hackers managed to access the account of the developer of this script and added a few lines of malicious code to make it automatically send the private keys of MyDashWallet users to an external server.
According to Dash's representatives, the vulnerability had not been identified before just because the company does not check its code sufficiently. However, the hackers were only able to exploit this vulnerability in the last two months.
Although MyDashWallet is an independent developer, it has been helped by Dash Core Group to remove the vulnerability.
At the moment, the stolen amount is still unknown. However, a MyDashWallet user claims to have lost 143.84 DASH ($17,597) as a result of the hack.
MyDashWallet users have been advised to transfer their funds to other wallets.
Subscribe to our Telegram channel to stay up to date on the latest crypto and blockchain news.