BTC: $3,956.73 -1.52%
ETH: $134.10 -1.83%
XRP: $0.30442 -1.51%
MARKETCAP: $137,447,187,414
24H VOL: $32,233,850,548
BTC: 51%

Strange “Spell Check Bug” Found In Coinomi Wallet

Bitcoin Wallet

An unusual bug has been discovered in Coinomi, a popular multicoin wallet. Of all the security issues that might have come up, a spell check tool seems to be to blame. The victim of the bug has now made his complaints known, while Coinomi has asserted that the victim handled the problem irresponsibly and blackmailed the company. This is what has happened so far…

The Bug Has Been Confirmed

The victim, Warith Al Maawali, claims that a text box built into the Coinomi wallet sent his seed phrase to Google’s online spell check service. Since a seed phrase can be used to gain access to a wallet, handling data in this way is a major risk. Al Maawali claims that the bug was used to steal $60,000 of cryptocurrency from his wallet.

He also says that Coinomi has “refused to take responsibility,” which has forced him to reveal the problem publicly. Coinomi itself has now responded, admitting that Google spell checks did occur due to a “bad configuration” in one of the wallet’s plug-ins. However, Coinomi also says that this function sent text securely—and that Google actually rejected the data.

Actual Exploit Up For Debate

Not everyone believes Al Maawali’s story. Since Coinomi’s wallet never sent data to a non-secure location, Al Maawali believes that a “Google employee, or whoever has control over the data,” gained access to his seed phrase and stole his funds. Of course, the idea that Google employees are stealing cryptocurrency is an extraordinary claim.

That claim is not entirely impossible, but few people are prepared to believe it. Although Al Maawali has demonstrated the spell check bug in a video, he can only prove that the data reached Google, not that Google employees actually stole his data. In other words, it is possible that the bug exists, but was never really exploited by an attacker.

Instead, many suspect that Al Maawali’s cryptocurrency was stolen by more common means. Some believe that his computer was infected by spyware or malware, while others believe that he leaked his seed phrase elsewhere. However, Al Maawali’s critics ultimately have no more proof than he does, meaning that the conflict may never be resolved.

Are Software Wallets Safe?

Even though exchanges and web wallets are usually the focus of security concerns, software wallets can also carry vulnerabilities. Some of these attacks are quite creative: the Electrum wallet, for example, recently fell victim to a convincing phishing attack when attackers used notification boxes to promote a fake update and steal user keys.

The bottom line is that storing cryptocurrency on any device connected to the Internet provides attackers with a potential way to steal cryptocurrency. Although software wallets are generally safe, they are still sometimes vulnerable. Hardware wallets are safer still, but even they have faced criticism—meaning that wallet security is never 100% certain.

Join the NEW Unhashed Telegram or Follow Unhashed on Twitter for the Latest Cryptocurrency News Updates!

Bitcoin Bitcoin $3,956.73 -1.52%
Ethereum Ethereum $134.10 -1.83%
XRP XRP $0.30 -1.51%
Litecoin Litecoin $59.43 -0.68%
EOS EOS $3.65 +0.32%

Subscribe for the latest cryptocurrency news

Please enter a valid email address.
Something went wrong. Please check your entries and try again.

More Crypto News

Best Tether Wallets in 2019

January 14, 2019

Tether (USDT), the world’s most popular stablecoin, is designed to give users the stability of…

The 5 Best Stellar Wallets In 2019

January 3, 2019

Stellar and its XLM token were first launched in 2014 by Ripple co-founder Jed McCaleb.…

Best Bitcoin Cash Wallets in 2019: Picking a Bitcoin Cash Wallet for Your Needs

December 6, 2018

Bitcoin Cash (BCH), the controversial project forked from the original Bitcoin client, is now the…

Subscribe for the latest cryptocurrency news

Please enter a valid email address.
Something went wrong. Please check your entries and try again.
Scroll Up