Over $1 Million USD Stolen From Algorand Users
It was on Monday evening where it was first reported by the twitter account Algo Surf, that several Algorand accounts had been hacked, or were suspected to be so. At least 3 twitter users reported to have large amounts of funds stolen.
The value of the hacked ALGO amounts to over $1 million USD, with one particular user losing over 1.2 million ALGO, or roughly $350,000 USD.
📢 PSA 🔄 #Algofam Within the past 24H, the following #Algorand addresses have been hacked or suspected so (...emptied out on changenow; most were idle for a month+)
— Algo Surf (@Algo_Surf) February 21, 2023
Totals: ~3.4M $ALGOhttps://t.co/fyGsskrAsR
357K to changenow
... 1/4
Large Deposits Leading To Crypto Exchange
The non-custodial exchange ChangeNow sees it's largest influx of ALGO ever during 20th of February, including some large deposits leading back from the hacked wallets.
The aforementioned twitter account, Algo Surf, commented in their twitter thread that the hack may have been related to an iPhone exploit. Supposedly this was patched on iOS during the last week, but all users might have not yet have updated their phones to receive this fix.
Either way, it's still unsure if this is the definite exploit used in these malicious attacks.
Practice Safe CEX and Protect Your ALGO
These are some of the actions Algorand users must take in order to keep their ALGO safe:
• Never share your 25 word seed phrase with anyone.
• Anyone who suspect that their account might have been compromised should be immediately create a new wallet and transfer their funds there.
• In addition, thread carefully when using dApps in the crypto space. Don't opt in to smart contracts that you don't fully trust. Make sure you do your due diligence.
• Be careful when using google to access your favorite websites in the ecosystem, often phishing sites will be promoted, using similar domain names as the real sites, looking identical, and stealing your ALGO in the process.
• Never store your seed phrase digitally, not as a screenshot nor saved in a document. This is one of the main ways malicious forces use to gain access to your account. Rather store the seed phrase on a physical piece of paper or metal, in a safe place protected from destruction (i.e. residential fire).
• Make sure to always use two-factor authentication whenever possible. This is especially important if you keep any amount of crypto store on central exchanges.
• Use a separate phone or computer to handle your crypto-related interactions. Keep this computer up-to-date and free of any suspicious apps or programs. You may even keep it offline when not using it.