According to CCN's June 7 report, Komodo, a cryptocurrency platform, found that its wallet had serious security breaches and had to "hack" and "invade" its user computer system.
According to the official statement, Komodo's network security team successfully "sweeped" and retrieved 8 million Komodo (KMD) and 96 bitcoins, saving the value of about 13 million before the hacker had seized the security hole to steal the user's private key. The dollar encrypts the currency and eliminates the risk of its theft.
(Source: Pixabay )
Asset security and controlled by “centralization”
At the same time, the Komodo team transferred all of the assets to the company's two wallets:
After solving some of the details, users can retrieve the encrypted assets in the next few weeks. Komodo urges affected users to get in touch through their Discord chat platform. The team also encourages all users of its Agama wallet to take security precautions and transfer funds to the new address.
The act of saving encrypted assets from theft was successful, but it did raise questions about the "decentralized" nature of cryptocurrencies. If there is a dispute or fraud as described above, will someone be involved in the regulation of an emerging industry like cryptocurrency?
For cryptocurrency, open source is a double-edged sword
In this attack, hackers used an increasingly popular attack mode: releasing a "useful" package to npm, waiting for it to be used by the target, and then updating it to contain malicious payloads.
The open source concept has spawned mainstream software such as Linux, WordPress, and Firefox, but it also brings security costs. As remote work continues to evolve, developers need to be reviewed, and some of them are global.
Basically, we attacked the hacker, but he was very patient. He has been "disguised" into a normal contributor for several months.
KMD is not affected
The company blocked the loophole before the hacker could cause any serious damage, and KMD's response in the market was quite calm.
There is no doubt that cryptocurrency enthusiasts hope that this is the first and only event that requires “attacking” users to keep their money safe.