Near Protocol Discloses Critical Wallet Breach

Near Protocol Discloses Critical Wallet Breach

Share

🤗 100% Fact

Near Protocol Discloses Critical Wallet Breach

Crypto Daily™12 days ago
NEAR ProtocolNEAR Protocol
PARTYPARTY
SEEDSEED
SEEDSEED
SesameseedSesameseed
Published on August 06, 2022 04:00 GMT+00:00edited on August 07, 2022 20:29 GMT+00:00

Share

Post the attacks on Solana, Near Protocol has issued an official disclosure of details into a similar issue, which it claimed was addressed and resolved earlier in June. The security breach involves a third-party threat actor, which gained unauthorized access to seed phrases for its user's wallets.

According to Near, the breach was reported to their team by Hacxyk, a security firm working in the Web3 space. A Twitter thread by Hacxyk details how the protocol's email recovery process was exploited to leak user's seed phrases to Mixpanel, an analytics platform.

Such a process "allows anyone with access to [the] Mixpanel access log, or the Mixpanel account owner (e.g. Near devs) to have access to everyone who has clicked the link in the recovery email,” explains Hacxyk. Further, …