The wallet provider has yet to determine the root cause of the exploit, which resulted in the theft of $9.6 million worth of assets.
Algorand-based wallet provider MyAlgo has warned users to withdraw their assets from all wallets created using seed phrases as the company continues to investigate a vulnerability that led to a $10 million loss.
The wallet provider tweeted on Feb. 26, warning users of a “targeted attack on a group of high-profile MyAlgo accounts.”
MyAlgo urges users to withdraw funds
MyAlgo further explained that the attacked users had large amounts of assets in their accounts and were using mnemonic hot wallets with private keys stored in the browser. The team added that the vulnerability did not affect hardware wallet users.
The wallet provider said it is working with the affected parties and authorities to investigate the incident. However, in an update on Monday, the team strongly recommended that all users move any funds from seed phrase wallets stored in MyAlgo as it still does not know the root cause of the hack.
Over $9 million stolen
According to blockchain investigator ZachXBT, hackers stole 19.5 million ALGO and 3.5 million USDC worth $9.6 million from victims.
However, centralized exchange ChangeNow froze $1.5 million in stolen funds after the attacker attempted to launder the money through the platform.
Algorand’s CTO John Wood noted that the incident affected 25 wallets, while clarifying that the vulnerability was not caused by “an underlying issue with the Algorand network or SDK.”
The CTO said he will make an explainer video on how the exploit happened and how users can protect themselves once the investigation is concluded.
