Popular Crypto Wallet Abandoned After Fatal Flaw Discovered

A popular cryptocurrency wallet has been abandoned after a vulnerability was identified that could have allowed threat actors to drain tokens from accounts.

As Check Point researchers discovered, the web-based version of Everscale's blockchain wallet (known as Ever Surf) suffered from a relatively simple flaw that allowed criminals to leak private keys and seed phrases stored in the browser's local storage.

To do this, they would have first had to obtain the encrypted keys from the wallet, which is usually done through rogue browser extensions, info-stealing malware, or phishing.

After obtaining the encrypted keys, the attackers could have used a simple script to perform the decryption. The vulnerability made decryption possible in "just minutes, on consumer hardware," the researchers explained.

CPR disclosed the vulnerability to the developers of Ever Surf, who then released a desktop version that mitigates the flaw, the company said in a press release. The web version has been tagged as deprecated and for development purposes only.

The seed phrases of accounts that store real value in crypto should not be used in the web version of Ever Surf, the researchers warned.

"Everscale is still in the early stages of development. We assumed there could be vulnerabilities in such a young product," said Alexander Chailytko, head of cybersecurity, research and innovation at Check Point Software.

"When working with cryptocurrencies, you should always be careful, make sure your device is malware-free, don't open suspicious links, keep your operating system and antivirus software up to date. Even though the vulnerability we found has been fixed in the new desktop version of Ever Surf wallet, users may encounter other threats such as vulnerabilities in decentralized applications or general threats such as fraud, phishing."

Ever Surf is described as a cross-platform messenger, blockchain browser, and crypto wallet for the Everscale blockchain network. It currently has more than 669,000 active accounts worldwide.

To stay safe, users should not follow suspicious links, especially those sent by strangers, always update their operating system and antivirus software, and should not download any software or browser extensions before verifying the identity of the source.