Jaxx wallet is the subject of scrutiny Monday as reports surface of at least $400,000 funds being stolen through a security vulnerability.
Reports are surfacing of a ‘vulnerability’ in Jaxx wallet leading to at least $400,000 customer funds being stolen.
A report on the insufficient wallet backup phrase storage methods this weekend has now updated to include reports that hackers are already exploiting the problem to steal cryptocurrency from users.
A researcher from Vx Labs highlighted the problem Friday, saying they had “successfully” tested the vulnerability and seen that it worked.
“Even when your Jaxx has a security PIN configured, anyone with 20 seconds of (network) access to your PC can extract your 12 word backup phrase and copy it down,” the report reveals. “Jaxx does not have to be running for this to happen.”
An update subsequently linked to users confirming they had lost Ethereum (ETH), Ethereum Classic (ETH) and Zcash from Jaxx. These appear to total at least $400,000.