A popular cryptocurrency wallet has been abandoned after a vulnerability was identified that could have allowed threat actors to drain tokens from accounts.
As researchers at Check Point discovered, the web-based version of Everscale’s blockchain wallet (known as Ever Surf) suffered from a relatively simple flaw that allowed crooks to exfiltrate private keys and seed phrases stored in the browser’s local storage.
To do this, they would have had to obtain the encrypted keys from the wallet first, which is usually done through rogue browser extensions, infostealer malware or phishing.
After obtaining the encrypted keys, the attackers could have used a simple script to perform decryption. The vulnerability made decryption possible in “just minutes, on consumer hardware,” the researchers explained.
Check Point Research (CPR) disclosed the vulnerability to Ever Surf developers, who then released a desktop version that mitigates the flaw, the company said in a press release. The web version has been labeled obsolete and for development purposes only.
Seed phrases from accounts that store real value in crypto should not be used in the web version of Ever Surf, the researchers warned.
“Everscale is still in the early stages of development. We assumed that there might be vulnerabilities in such a young product,” said Alexander Chailytko, head of cybersecurity, research and innovation at Check Point Software.
“When working with cryptocurrencies, you should always be careful, make sure your device is free from malware, don’t open suspicious links, keep the operating system and anti-virus software up to date. Despite the fact that the vulnerability we found has been fixed in the new desktop version of the Ever Surf wallet, users may encounter other threats such as vulnerabilities in decentralized applications or general threats such as fraud, phishing.”
Ever Surf is described as a cross-platform messenger, blockchain browser, and crypto wallet for the Everscale blockchain network. It currently has over 669,000 active accounts worldwide.
To stay safe, users should not follow suspicious links, especially those sent by strangers, always update their operating system and anti-virus software, and should not download any software or browser extensions before checking the identity of the source.