In light of the current breach that has seen an estimated $9.2 million worth of funds taken, MyAlgo, an Algorand network wallet service, has advised its users to remove funds from any accounts made with a seed phrase.
Although MyAlgo did not comment on the anticipated financial losses caused by the assault, blockchain sleuth ZachXBT has reported that more than $9.2 million was likely taken between February 19 and February 21, based on information gathered by blockchain intelligence platform TRM Labs. After confirming an attack occurred over a week ago, the server reported no further activity.
On February 27th, MyAlgo tweeted the warning, explaining that it still didn’t know what caused the recent wallet breaches but that everyone should take precautionary steps to safeguard their funds.
In an earlier statement on February 27, the team issued a caution about a targeted attack carried out against a collection of high-profile MyAlgo accounts. This attack appears to have been carried out over the course of the previous week. According to MyAlgo, users who had mnemonic wallets where the key was stored in an internet browser were especially vulnerable because of where the key was kept. A mnemonic wallet generally derives its private key from a phrase of between 12 and 24 words.
On February 27, John Wood, the chief technology officer at the Algorand Foundation, took to Twitter to announce that approximately 25 accounts had been compromised as a result of the vulnerability. He went on to say that the vulnerability is not the product of a fundamental problem with the Algorand protocol or the software development tools associated with it.
On February 27th, a group of developers working on the Algorand project, called D13.co, published a report that patched up numerous security holes in the system, including those in software like ransomware and operating systems. According to the report, socially engineered phishing attacks were the “most likely” cause of the exposed seed phrases for the impacted users, followed by the targeted exfiltration of decrypted private keys.