Author

Topic: Hacker Backdoors JavaScript Library to Steal Bitcoin Funds (Read 222 times)

sr. member
Activity: 531
Merit: 258
It isn't only inside BitPay's Copay wallet apps but all crypto wallets, in general, that use Javascript. Don't worry Copay isn't the only one and you can expect to hear more about it and people with lost funds, in a few days.
member
Activity: 546
Merit: 10
💲 EMIREX EXCHANGE 💲
A hacker has gained (legitimate) access to a popular JavaScript library and has injected malicious code that steals Bitcoin and Bitcoin Cash funds stored inside BitPay's Copay wallet apps. The presence of this malicious code was identified last week, but until Nov 26, have researchers been able to understand what the heavily obfuscated malicious code actually does.

it seems that this is one of the factors of the crypto failure that still exists, and more news days about hacking wallet and exchange are increasing. Previously I also heard about the weaknesses in API trading in one of the markets, this made the price of the major coin in the market a severe dump, but fortunately the hackers could not cash out.
member
Activity: 532
Merit: 15
a very sneaky one, no doubt! common users has very little defense against malwares that uses JavaScript as it can be easily embedded in any web-page!
legendary
Activity: 1638
Merit: 1163
Where is my ring of blades...
this is yet another reminder of the importance of cold storage. if you have your coins in cold storage like a paper wallet, bugs like this would never affect you and your coins will remain safe. the hot wallets should always only contain the amount that you want to spend.
copper member
Activity: 364
Merit: 4
People think open source is secure because someone has vetted the code, however it is rare that anyone actually does and just focuses on what it does and if it can be used
legendary
Activity: 3542
Merit: 1965
Leading Crypto Sports Betting & Casino Platform
This was a sneaky one.  Roll Eyes

Someone got publishing rights to the event-stream library on GitHub that are used by BitPay and they injected some malware or malicious code.

BitPay does not develop the libraries on their own and blindly trust these Open source libraries. This is why these centralized services are targeted, because they are simply too lazy and stingy to pay reputable developers to develop safe and secure sites for them.  Angry

Hackers knows this and they target code like this that are used by more than one "target"  Roll Eyes
hero member
Activity: 2660
Merit: 551
A hacker has gained (legitimate) access to a popular JavaScript library and has injected malicious code that steals Bitcoin and Bitcoin Cash funds stored inside BitPay's Copay wallet apps. The presence of this malicious code was identified last week, but until Nov 26, have researchers been able to understand what the heavily obfuscated malicious code actually does.

Is this one factor that contributed to the current dip? I have yet to look at this news but its really scary if you're using a wallet written in JavaScript and secretly stealing your bitcoin. Those criminals are really one step ahead of us, so just be careful with your crypto wallet.
legendary
Activity: 3472
Merit: 10611
for anyone interested here is the link: https://www.theregister.co.uk/2018/11/26/npm_repo_bitcoin_stealer/

and you should know that it is not just affecting BitPay wallets, it is affecting any other program that is using this rather popular library. so if your wallet is written in JavaScript then you may want to stop using it until you confirm it was not using that library.
full member
Activity: 616
Merit: 100
hmm. javascript is the language that can be bundled with the script. maybe it possible that the hacker gets all the information about the wallet using the javascript. and i think we should careful with our wallet because of this news
jr. member
Activity: 57
Merit: 2
A hacker has gained (legitimate) access to a popular JavaScript library and has injected malicious code that steals Bitcoin and Bitcoin Cash funds stored inside BitPay's Copay wallet apps. The presence of this malicious code was identified last week, but until Nov 26, have researchers been able to understand what the heavily obfuscated malicious code actually does.
Jump to: