MyAlgo asks users to withdraw funds following $9.2m breach
Algorand (ALGO) wallet provider MyAlgo has asked users to withdraw all funds in their wallets or rekey them to new wallets as soon as possible following a breach that compromised $9.2 million.
In a tweet posted on March 7, MyAlgo, a wallet provider for the Algorand network, urged its users to withdraw funds from their wallets or rekey them to other third-party wallets, such as Pera Web and Defly, or a ledger, in the shortest time possible.
In the tweet, MyAlgo also provided information on how customers could carry out the rekeying process on either of the alternative wallets.
Rekeying is a feature of the Algorand network that enables account holders to retain a public address while assigning various private keys from another account.
The process involves changing the account’s authorized private keys while preserving its public address. Since the user controls both wallets in this situation, it transfers the signing rights from one to the other.
Rekeying a wallet is frequently necessary due to a compromised account, a change in wallet ownership, or when using a ledger hard wallet.
MyAlgo’s latest recommendation followed a similar one on Feb. 27 when it asked users to withdraw funds from any wallets created with a seed phrase they may have stored on the platform.
Advisory comes after $9.2 million hack
The alert came after news emerged of a targeted attack against several high-profile MyAlgo accounts that seemingly took place a couple of weeks ago.
On-chain sleuth ZachXBT tweeted that the hackers might have stolen approximately $9.2 million. However, the crypto exchange, ChangeNOW, was able to freeze over $1.5 million after the attackers tried to launder the stolen funds through it.
The wallet provider stated that it is collaborating with law enforcement authorities and the impacted parties to investigate the matter. However, the organization still does not know what caused the hack.
According to Algorand CTO John Wood, the attack affected 25 wallets. Still, there was no underlying problem with the Algorand protocol or its proprietary software development kit that might have contributed to the vulnerability.
Wood promised that once investigations into the attack were complete, he would make a video explaining how the vulnerability occurred and how ALGO users can safeguard themselves.