Proof-of-stake blockchain cryptocurrency protocol Algorand is urging users to withdraw their funds from MyAlgo wallets.
This is as MyAlgo, the native wallet provider for Algorand, reported Monday (Feb. 27) that an ongoing exploit has seen $9.6 million worth of customer funds so far stolen from the open-source, payments-focused blockchain network.
The crypto company fears that wallets created with a seed phrase (Mnemonic wallets) may have been compromised by scammers but has yet to officially determine the cause of the multi-million exploit.
“We strongly advise all users to withdraw any funds from Mnemonic wallets that were stored in MyAlgo,” MyAlgo tweeted. “As we still don’t know the root cause of recent hacks, we encourage everyone to take precautionary measures to protect their assets.”
IMPORTANT: ⚠️We strongly advise all users to withdraw any funds from Mnemonic wallets that were stored in MyAlgo. As we still don't know the root cause of recent hacks, we encourage everyone to take precautionary measures to protect their assets. Thank you for your understanding.
— MyAlgo (@myalgo_) February 27, 2023
A report released Monday by Algorand-focused developer collective D13.co also posits the claim that the two most likely scenarios underpinning the attack are either that each affected individual “had their [wallet password] seed phrase compromised through social engineering/phishing,” or that the theft was the result of a MyAlgo.com compromise, “leading to targeted exfiltration of unencrypted private keys.”
A mnemonic wallet typically uses between 12 to 24 words to generate a private key.
Read More: Digital Economy Payments – The Ascent of Digital Wallets
John Woods, chief technology officer (CTO) of the Algorand Foundation, confirmed around 25 wallets were affected, adding that the issue did not appear to be tied to “an underlying issue with the Algorand protocol or SDK (software development kit).”
“Do not rush things and make sure you are transferring funds or rekeying accounts in a safe manner. The attacks happened over one week ago, and no other movements have taken place since then. Take your time and avoid mistakes. Reach out for help if you have questions,” tweeted MyAlgo.
Algorand, an open-source blockchain network, is one of a number of new crypto and Web3 projects seeking to expand cryptocurrency use cases by accelerating transaction speeds and reducing the time it takes transactions to be deemed final on its network.
The brainchild of Massachusetts Institute of Technology (MIT) computer scientist and academic, Professor Silvio Micali, Algorand possesses several novel design features, including allowing users to create smart contracts and tokens that represent both new and existing assets on its blockchain, as well as distributing newly minted blocks of its native ALGO cryptocurrency to holders of existing tokens that meet a requirement threshold.
Micali is the recipient of one of the computer science field’s most prestigious awards, the Turing Award, which he received for helping make cryptography a more “precise science” through work that formalized basic notions about some of the essential building blocks of the field according to the Association for Computing Machinery.
The MIT professor shared the award in 2012 with his colleague Shafi Goldwasser.
PYMNTS research in “The FinTech Fraud Ripple Effect” finds that nearly one out of every two FinTechs (47%) consider fraud to be their most pressing challenge.
News of the exploit has sent the price of Algorand’s ALGO token down by around 11% over the past week.