Klever Wallet warned customers about the risk of losing crypto savings
Date: 2023-07-14 Author: Karina Ziganova Categories: BLOCKCHAIN, CRYPTO PAYMENTS
The developers of the Klever Wallet wallet urged customers to change the mnemonic phrase as soon as possible
Users who generate a mnemonic phrase (seed) outside of Klever Wallet risk losing all their cryptocurrency savings. This was announced on Twitter by the developers of the wallet.
According to the announcement, the owners of imported seed keys are at risk of unauthorized access due to a flaw in the algorithm for generating the BIP39 standard. According to the developers, this algorithm was often used in many non-depository wallets. By generating a mnemonic phrase once, users could transfer crypto savings to a completely new wallet using the same data. This jeopardizes the safety of assets, Klever Wallet emphasizes. The developers urged all customers who imported the mnemonic phrase to create a new one from scratch, but based on Klever Wallet K5 or Klever Safe.
"We understand the anxiety and inconvenience that this situation can cause, and we want to assure all our users that we are doing everything in our power to solve this problem quickly and safely," Klever Wallet assures. At the same time, users note that unknown people were able to access their savings even though their wallets were created from scratch on the basis of Klever Wallet. The developers did not directly comment on these cases, but stated that they turned to the blockchain firm TRM Labs for help. From the official blog of Klever Wallet, it follows that the vulnerability around BIP39 persists on other cryptocurrency storage sites. The developers did not specify which services were at risk. Users were also urged to immediately revoke all previously issued permissions to interact with smart contracts.
The only similar case was with the Trust Wallet in April 2023, the developers noted. Recall that then the clients of the wallet lost $170,000 due to a vulnerability in the browser version of the crypto wallet. Mobile wallets, including those imported into the browser extension, were not affected.
