On January 13th, ScaleBit, a branch of the security company BitsLab, raised concerns about a possible weakness in the Web3 wallets of Uniswap, a decentralized exchange. This issue, if validated, could potentially put all stored assets at risk.
According to ScaleBit’s announcement, there’s a reported issue where attackers with direct access to the device can circumvent the digital wallet’s security measures and immediately obtain the recovery phrase saved within it.
In simpler terms, the mnemonic phrase or “seed” of a Web3 wallet is a sequence of usually 12 to 24 randomly chosen words. This unique combination allows you to manage your wallet’s resources from various devices, as it provides full control over the assets stored within.
According to ScaleBit, it only takes a person with access to an unsecured device about three minutes to acquire the wallet’s recovery phrase. Concerningly, this vulnerability still exists in the most recent version of the application.
According to ScaleBit, it’s advisable for Uniswap Wallet users to refrain from lending assets to others temporarily, as a safety precaution, until the identified vulnerability has been fixed.
Representatives from Uniswap didn’t provide immediate comments regarding our inquiries, while we couldn’t confirm the reported vulnerability on our own.
Exploit losses
Last December, Cyvers, a security company, informed CryptoMoon that in 2024, the value of cryptocurrency lost due to cybersecurity exploits jumped by about 40% compared to the previous year, reaching approximately $2.3 billion.
The upward trend indicates a surge in incidents of unauthorized access to security controls, notably affecting centralized cryptocurrency exchanges (CEXs) and crypto custodians, as reported by Deddy Lavid, co-founder and CEO of Cyvers. One frequent type of such breaches involves the use of mnemonic phrases.
In the final months of 2024, instances of cryptocurrency fraud, exploits, and hacking significantly decreased, according to CertiK’s December 31 update, with December marking the lowest amount stolen in these incidents.
According to CertiK, the reported losses due to exploits, hacks, and scams were approximately $28.6 million in December as compared to $63.8 million in November and a staggering $115.8 million in October.
In a January 1st post on X, the blockchain security company PeckShield disclosed data comparable to this. They reported that losses due to hacks amounted to approximately $24.7 million in December, marking a significant drop of 71% compared to November’s figures.
Read More
- Masters Toronto 2025: Everything You Need to Know
- We Loved Both of These Classic Sci-Fi Films (But They’re Pretty Much the Same Movie)
- ‘The budget card to beat right now’ — Radeon RX 9060 XT reviews are in, and it looks like a win for AMD
- Valorant Champions 2025: Paris Set to Host Esports’ Premier Event Across Two Iconic Venues
- Forza Horizon 5 Update Available Now, Includes Several PS5-Specific Fixes
- Gold Rate Forecast
- Street Fighter 6 Game-Key Card on Switch 2 is Considered to be a Digital Copy by Capcom
- The Lowdown on Labubu: What to Know About the Viral Toy
- Karate Kid: Legends Hits Important Global Box Office Milestone, Showing Promise Despite 59% RT Score
- Mario Kart World Sold More Than 780,000 Physical Copies in Japan in First Three Days
2025-01-13 20:18