- The non-custodial crypto wallet is estimated to have lost over $9 million.
- Algorand Foundation has asked users to withdraw funds or rekey their wallets to a ledger or third-party providers.
Enjoy your financial freedom with Uphold
Get a welcome bonus of $50 when you sign up and trade at least $600 of your favorite asset
Algorand’s non-custodial web wallet MyAlgo has urged its users to withdraw their funds after the platform was exploited by hackers, causing losses of millions of dollars. Per a tweet posted Monday, the cause of the attack remains unknown.
‘‘We strongly advise users to withdraw any funds from Mnemonic wallets in MyAlgo. As we still don’t know the root cause of recent hacks, we encourage everyone to take precautionary measures to protect their assets.’’ The wallet provider wrote.
According to its website, My Algo lets users access the Algorand blockchain while retaining their private keys. Users can have their private keys in a Ledger wallet or store them in an encrypted hot wallet. Those affected in the exploit had their hot wallet mnemonic with keys stored in an internet browser. Algorand has advised users to move their funds from the hot wallets to the hardware option.
‘‘We encourage users to avoid storing significant amounts of funds in hot wallets (mnemonic) and to use hardware wallets instead to protect their funds, especially for long-term staking.’’ It further cautioned that the private keys based on the browser extension were susceptible to phishing and malware attacks.
Estimated $9.2 million worth of ALGO and USDC lost in the exploit
Although Algorand has not disclosed the exact amount of losses resulting from the exploit, it is estimated to be more than $9.2 million in ALGO and USDC, according to one user by the pseudonym ZachXBT, who added that crypto exchange ChangeNow had managed to freeze $1.5m from the exploit. According to data from blockchain intelligence company TRM Labs, the amount is suspected of being stolen between February 19 and 21.
Algorand has, however, distanced itself from the cause of the attack – which was reported to have affected an estimated 25 accounts. John Wood, the CTO of Algorand Foundation, said in a separate tweet that the malfunction was ‘‘not a result of (any) underlying issue with the Algorand protocol or its Software Development Kit (SDK). Woods further advised users to rekey their hot wallets – changing private keys while maintaining the public keys – to a ledger or a third-party wallet provider.
From the data compiled by CoinMarketCap, Algorand’s token has dropped 2% in the past day and 13% in the last week to trade at $0.2511 following the incident.
Start buying crypto in 3 simple steps
Buy, sell, and trade 250+ cryptos with low fees
