Copay, The BitPay Digital Wallet, Infected By Malicious Code
Crime , News | December 9, 2018By: Cripto247
The payment processor BitPay has alerted in its official blog about a malicious code that affected the Copay open source wallet offered by the company.
According to a report, the module of versions 5.0.2 to 5.1.0 of Copay applications was modified to load a malware capable of stealing users’ private keys.
Meanwhile, the company has advised users running the Copay version of 5.0.2 to 5.1.0, telling the they “should not run or open the application.” The company has released a security update in the version 5.2 .0, which is expected for imminent launch in the app stores.
“Users should not attempt to move funds to new wallets by importing the 12-word backup phrases from affected wallets (which correspond to potentially compromised private keys). Users must first update their affected wallets (5.0.2-5.1.0) and then send all funds from the affected wallets to a new one in version 5.2.0, using the Send Max feature. To initiate transactions of all funds. ”
Copay has more than 100,000 installations on Android. The developer says that his BitPay wallets were not affected by the attack.
“We are still investigating whether this code vulnerability was ever exploited against Copay users,” the company said later. “Our team continues to investigate this problem and the extent of the vulnerability.”
This story was originally published in Spanish at Cripto247
