BitPay XSS Hack Used to Steal Private Keys From Unsuspecting Customer Wallets

The CoPay Bitcoin Wallet was recently hit with a malicious Cross-site scripting exploit that enabled private keys of its users to be compromised.

The attack was launched by manipulating a third-party node used by CoPay, with a JavaScript malware that remained undiscovered until 26th November 2018. This piece of code had the potential to lead to the theft of the cryptocurrencies owned by the users of CoPay.

BitPay identifies the trouble areas

Although the duration of the attack is unknown, the Crypto Wallet firm seemed to identify the issue on 26th November 2018. In a recent statement, BitPay has reportedly disclosed that the CoPay’s 5.0.2 to 5.1.0 versions remained vulnerable to this attack and that its users must take necessary measures, under the presumption that their accounts have been compromised.

The Two-Step Precaution

Recently, BitPay rolled out a set of directions to CoPay users, in which the users were instructed to refrain from logging into CoPay’s 5.0.2 to 5.1.0 versions.

As a part of these directions, the users of CoPay’s 5.0.2 to 5.1.0 versions were instructed to update their CoPay Wallets to the 5.2.0 version. This update encapsulated the transaction between the affected CoPay Wallet and BitPay Wallet. Further, the affected users were instructed to avoid using their 12 phrase code during the transfer.

Finally, the CoPay users had to make a transfer from the CoPay wallet’s 5.2.0 version to the BitPay wallet. Apparently, it was only the CoPay Wallet that was affected by the malicious JavaScript.

The Crypto Wallet Firm continues to investigate accounts that may possibly be affected. This attack had the potential to lead to dire consequences, such as the unauthorized transfer of BitCoin and Bit Cash.

This is not the first time that the security of an online wallet has been compromised, and since it is not a Government-backed currency, there is little that can be done.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Microsoft December Patch Tuesday Arrived With 70+ Bug Fixes

NachoVPN Attack Risks Corporate VPN Clients