Cryptocurrency wallet developer Komodo has effectively hacked its own customers to avert an attack that could have resulted in the theft of funds worth nearly $13 million.
An audit showed a malware threat with the potential to steal cryptocurrency wallet seeds and logins.
To prevent hackers from taking advantage of the malicious code, Komodo and npm used the same backdoor to extract Agama users' funds and transferred them to a safe location away from hackers reach.
In a security alert, Komodo said: "After discovering the vulnerability, our Cyber Security Team used the same exploit to gain control of a lot of affected seeds and secure the funds at risk."
Komodo said it was able to safeguard 8 million komodo (KMD) tokens and 96 bitcoin, collectively worth nearly $13 million.
To prevent hackers from using their old seeds and paraphrases in the future, the developer advised Agama wallet users to move their funds to its newer wallet products and create new KMD and BTC addresses, as well as new passphrases.
code image via Shutterstock
The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is an award-winning media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. In November 2023, CoinDesk was acquired by Bullish group, owner of Bullish, a regulated, institutional digital assets exchange. Bullish group is majority owned by Block.one; both groups have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary, and an editorial committee, chaired by a former editor-in-chief of The Wall Street Journal, is being formed to support journalistic integrity.