Cryptocurrency wallet developer Komodo has effectively hacked its own customers to avert an attack that could have resulted in the theft of funds worth nearly $13 million.
An audit showed a malware threat with the potential to steal cryptocurrency wallet seeds and logins.
To prevent hackers from taking advantage of the malicious code, Komodo and npm used the same backdoor to extract Agama users' funds and transferred them to a safe location away from hackers reach.
In a security alert, Komodo said: "After discovering the vulnerability, our Cyber Security Team used the same exploit to gain control of a lot of affected seeds and secure the funds at risk."
Komodo said it was able to safeguard 8 million komodo (KMD) tokens and 96 bitcoin, collectively worth nearly $13 million.
To prevent hackers from using their old seeds and paraphrases in the future, the developer advised Agama wallet users to move their funds to its newer wallet products and create new KMD and BTC addresses, as well as new passphrases.
code image via Shutterstock
The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.