🚀 Uniswap Wallet Vulnerability Raises Security Concerns
#Uniswap #WalletVulnerability #Cybersecurity #CryptoSecurity #SeedPhrase #AccessControl #Blockchain #Cryptocurrency #SecurityBreach #CryptoLosses #Scams #Hacks #BitsLab #ScaleBit #PeckShield #CertiK
According to Cointelegraph, ScaleBit, a subsidiary of security auditor BitsLab, has identified a potential vulnerability in Uniswap's Web3 wallets that could jeopardize all stored assets. The issue reportedly allows attackers with physical access to bypass authentication mechanisms and directly access the mnemonic phrase stored on the device. This phrase, also known as a seed phrase, is a critical component that provides full control over a wallet's assets from any device.
ScaleBit highlighted that anyone with access to an unlocked device could retrieve the wallet's mnemonic phrase in under three minutes. Alarmingly, this vulnerability persists even in the latest version of the app. As a precaution, ScaleBit advised Uniswap Wallet users to avoid lending their devices to others until the issue is resolved. Uniswap representatives have not yet responded to requests for comment, and Cointelegraph has not independently verified the vulnerability.
In related news, the cryptocurrency sector saw a significant increase in losses due to cybersecurity exploits in 2024, with a 40% rise compared to the previous year, totaling approximately $2.3 billion. This increase was largely attributed to access control breaches, particularly in centralized exchanges and crypto custodians, as noted by Deddy Lavid, co-founder and CEO of security firm Cyvers. Mnemonic phrase compromises are a common type of access control breach.
Despite the overall rise in losses, the final months of 2024 saw a decline in crypto scams, exploits, and hacks. December recorded the smallest amount stolen, with blockchain security firm CertiK reporting $28.6 million in known losses, compared to $63.8 million in November and $115.8 million in October. Similarly, blockchain security firm PeckShield noted a 71% decrease in hack losses in December, amounting to $24.7 million. These figures suggest a potential improvement in security measures towards the end of the year.#Uniswap #WalletVulnerability #Cybersecurity #CryptoSecurity #SeedPhrase #AccessControl #Blockchain #Cryptocurrency #SecurityBreach #CryptoLosses #Scams #Hacks #BitsLab #ScaleBit #PeckShield #CertiK
🚀 New Vulnerability Discovered in TON Virtual Machine
#Vulnerability #TONVirtualMachine #SmartContracts #Security #TonBit #BitsLab #Cybersecurity #GasManagement #LibraryIntegrity #ContractAnomalies
According to PANews, the security team TonBit, under BitsLab, has identified a new vulnerability in the TON Virtual Machine (TVM) related to the state migration issue of the RUNVM instruction. This flaw could potentially disrupt the smart contract execution environment, leading to contract anomalies. Specifically, attackers could exploit the moment when the virtual machine's gas is depleted to damage critical libraries, causing subsequent operations that rely on these libraries to fail.
TonBit has submitted the vulnerability details and a fix to the TON Foundation and assisted in the repair process. Developers are advised to update promptly once the official patch is released and to enhance checks on library integrity and gas management within contracts to prevent similar issues from being maliciously exploited.#Vulnerability #TONVirtualMachine #SmartContracts #Security #TonBit #BitsLab #Cybersecurity #GasManagement #LibraryIntegrity #ContractAnomalies