On January 13th, ScaleBit, a branch of the security company BitsLab, raised concerns about a possible weakness in the Web3 wallets of Uniswap, a decentralized exchange. This issue, if validated, could potentially put all stored assets at risk.
According to ScaleBit’s announcement, there’s a reported issue where attackers with direct access to the device can circumvent the digital wallet’s security measures and immediately obtain the recovery phrase saved within it.
In simpler terms, the mnemonic phrase or “seed” of a Web3 wallet is a sequence of usually 12 to 24 randomly chosen words. This unique combination allows you to manage your wallet’s resources from various devices, as it provides full control over the assets stored within.
According to ScaleBit, it only takes a person with access to an unsecured device about three minutes to acquire the wallet’s recovery phrase. Concerningly, this vulnerability still exists in the most recent version of the application.
According to ScaleBit, it’s advisable for Uniswap Wallet users to refrain from lending assets to others temporarily, as a safety precaution, until the identified vulnerability has been fixed.
Representatives from Uniswap didn’t provide immediate comments regarding our inquiries, while we couldn’t confirm the reported vulnerability on our own.
Exploit losses
Last December, Cyvers, a security company, informed CryptoMoon that in 2024, the value of cryptocurrency lost due to cybersecurity exploits jumped by about 40% compared to the previous year, reaching approximately $2.3 billion.
The upward trend indicates a surge in incidents of unauthorized access to security controls, notably affecting centralized cryptocurrency exchanges (CEXs) and crypto custodians, as reported by Deddy Lavid, co-founder and CEO of Cyvers. One frequent type of such breaches involves the use of mnemonic phrases.
In the final months of 2024, instances of cryptocurrency fraud, exploits, and hacking significantly decreased, according to CertiK’s December 31 update, with December marking the lowest amount stolen in these incidents.
According to CertiK, the reported losses due to exploits, hacks, and scams were approximately $28.6 million in December as compared to $63.8 million in November and a staggering $115.8 million in October.
In a January 1st post on X, the blockchain security company PeckShield disclosed data comparable to this. They reported that losses due to hacks amounted to approximately $24.7 million in December, marking a significant drop of 71% compared to November’s figures.
Read More
- RLC PREDICTION. RLC cryptocurrency
- OKB PREDICTION. OKB cryptocurrency
- CAKE PREDICTION. CAKE cryptocurrency
- TRB PREDICTION. TRB cryptocurrency
- TRAC PREDICTION. TRAC cryptocurrency
- POL PREDICTION. POL cryptocurrency
- OM PREDICTION. OM cryptocurrency
- XDC PREDICTION. XDC cryptocurrency
- SXP PREDICTION. SXP cryptocurrency
- CTK PREDICTION. CTK cryptocurrency
2025-01-13 20:18