The CoPay Bitcoin Wallet was recently hit with a malicious Cross-site scripting exploit that enabled private keys of its users to be compromised.
BitPay identifies the trouble areas
Although the duration of the attack is unknown, the Crypto Wallet firm seemed to identify the issue on 26th November 2018. In a recent statement, BitPay has reportedly disclosed that the CoPay’s 5.0.2 to 5.1.0 versions remained vulnerable to this attack and that its users must take necessary measures, under the presumption that their accounts have been compromised.
The Two-Step Precaution
Recently, BitPay rolled out a set of directions to CoPay users, in which the users were instructed to refrain from logging into CoPay’s 5.0.2 to 5.1.0 versions.
As a part of these directions, the users of CoPay’s 5.0.2 to 5.1.0 versions were instructed to update their CoPay Wallets to the 5.2.0 version. This update encapsulated the transaction between the affected CoPay Wallet and BitPay Wallet. Further, the affected users were instructed to avoid using their 12 phrase code during the transfer.
The Crypto Wallet Firm continues to investigate accounts that may possibly be affected. This attack had the potential to lead to dire consequences, such as the unauthorized transfer of BitCoin and Bit Cash.
This is not the first time that the security of an online wallet has been compromised, and since it is not a Government-backed currency, there is little that can be done.