Tipo de CambioTipo de Cambio
    Facebook Twitter Instagram
    Tendencias:
    • Biswap Ingresos pasivos y clave para funciones lucrativas
    • Liquidez, ¿Qué significa?, Liquidez vs Volumen
    • Carteras de Custodia, ¿Qué Son?, Ventajas, Desventajas
    • Sweatcoin rompe récord en venta pública en DAOMaker
    • Coinplay Crypto Casino Apuestas Deportivas
    • ¿Qué es PoA (Proof of Authority – Prueba de Autoridad)? Video Explicado
    Facebook Twitter Instagram
    Tipo de CambioTipo de Cambio
    Actualizar
    domingo, febrero 5
    • Inicio
    • Dinero
    • Bitcoin
    • Ethereum
    • Binance
    • Criptomonedas
      • Solana
      • Cardano
    • Polkadot
    • Shiba Inu
    Tipo de CambioTipo de Cambio
    Third-Party Dash Web Wallet MyDashWallet Compromised
    Dash

    Third-Party Dash Web Wallet MyDashWallet Compromised

    usdgbp_lwn506By usdgbp_lwn506julio 15, 2019No hay comentarios4 Mins Read
    Third-Party Dash Web Wallet MyDashWallet Compromised
    Share
    Facebook Twitter LinkedIn Pinterest Email
    4.1/5 - (325 votos)


    Late last week, it was discovered that the independently developed MyDashWallet was compromised by a hacker that was able to send users’ private keys to an external server, but once the vulnerability was revealed, Dash Core Group members assisted the developer in correcting the issue.

    Today it was discovered that https://t.co/PozDtfUaf3 was compromised between May 13th-July 12th. Anyone using mydashwallet during that time should assume their private keys are known by the hacker and immediately move balances out of that wallet. Details: https://t.co/yKRopU0HgJ

    — DASH (@Dashpay) July 12, 2019

    The hack was possible due to its reliance on the latest version of another code base, which was compromised. Out of an abundance of caution, anyone that used MyDashWallet between May 13 2019 and June 12 2019 should assume that their private keys are know and move their funds immediately.

    “In April 2018, MyDashWallet was modified to load an external script from the script hosting website GreasyFork. While not abnormal, this is not considered a secure practice, particularly since the reference loaded the latest version of the script, rather than a specific version. On May 13 2019, a hacker compromised the GreasyFork account of the original author of the script, Jixun Moe, and added code to send users’ private keys to an external server. This change was detected on July 12 2019 when the hacker used the private keys to move user funds. MyDashWallet is not maintained by Dash Core Group, and at no time was the Dash network itself compromised.”

    As Philipp Engelhorn, assisted by Leon White, posted in the Dash forum, “[t]he insecure coding practice implemented by MyDashWallet went undetected for over a year due to insufficient review of code by third parties”. In the future, he emphasized that “all code handling private keys should be reviewed thoroughly before being trusted with user funds” and that “the use of local keystore files should be discouraged in favour of hardware wallets, similar to best practices implemented by MyEtherWallet”.

    How Dash Core Group warns users and assists in mitigating the situation

    Firstly, Dash Core Group helps mitigate the risk of these vulnerabilities for its own code by ensuring that “[a]ll software released by Dash Core Group is both open source and subjected to stringent quality testing prior to release”. Third party vulnerabilities are a risk with open source software since anyone is free to use the code and implement their own variations and applications. However, open source software has the advantage of these vulnerabilities able to be found by private individuals rather than private code that could be compromised, but never known or made public.

    Secondly, Dash Core Group “is assisting the developer to resolve this issue and collecting relevant information to provide to law enforcement”, according to Michael Seitz in the Dash Forum. This is a positive sign that even though the vulnerability is not related to them nor the Dash blockchain, they are still ensuring that Dash-related apps and community members stay safe by helping to resolve issues that arise. This is also an advantage that is said as a reason that third party exchanges and vendors like integrating Dash; they have Dash Core Group as physical people to fall back on and ask questions.

    Decentralized systems require a high degree of user awareness

    Cryptocurrency was created to be open source and decentralized with no single person nor group in charge. While this does help the permissionless accessibility of the network, it also allows third-party products to be developed and used, sometimes without proper rigorous testing. Any user can use trusted and solid software, however they can also fall prey to poorly-constructed services or even outright scams or other malicious apps. Because of this, users seeking the decentralization and associated benefits of using cryptocurrency should also take full responsibility for the risks associated with using potentially untested systems, and take additional precautions to protect their safety and funds.



    Source: https://dashnews.org/third-party-dash-web-wallet-mydashwallet-compromised/

    Descargo de responsabilidad

    Toda la información contenida en este sitio web se publica solo con fines de información general y no como un consejo de inversión. Cualquier acción que el lector realice sobre la información que se encuentra en nuestro sitio web es estrictamente bajo su propio riesgo. Nuestra prioridad es brindar información de alta calidad. Nos tomamos nuestro tiempo para identificar, investigar y crear contenido educativo que sea útil para nuestros lectores. Para mantener este estándar y continuar creando contenido de buena calidad. Pero nuestros lectores pueden basarse en su propia investigación.

    Share. Facebook Twitter Pinterest LinkedIn WhatsApp Reddit Tumblr Email

    Related Posts

    Dash Community organiza una convención en Europa que muestra el ecosistema global

    agosto 21, 2019
    Steve Capone of Voyager Trading App on Bitcoin Trading, Cryptocurrency Mass Adoption

    Steve Capone of Voyager Trading App on Bitcoin Trading, Cryptocurrency Mass Adoption

    agosto 20, 2019

    Fidelity recibe más de $ 100 millones de dólares en donaciones de ciptomonedas para caridad

    agosto 20, 2019

    Leave A Reply Cancel Reply

    Siguenos
    • Facebook
    • Twitter
    También te puede intersar
    Biswap Ingresos pasivos Swap

    Biswap Ingresos pasivos y clave para funciones lucrativas

    Biswap Ingresos pasivos: Biswap es el Metaverso global que más valora la experiencia de sus…

    Liquidez

    Liquidez, ¿Qué significa?, Liquidez vs Volumen

    Carteras de Custodia

    Carteras de Custodia, ¿Qué Son?, Ventajas, Desventajas

    Sweatcoin rompe récord en venta pública en DAOMaker

    Sweatcoin rompe récord en venta pública en DAOMaker

    Type above and press Enter to search. Press Esc to cancel.