Crypto investor Claims He Got Stolen with $70K In Coinomi

Crypto investor Claims He Got Stolen with $70K In Coinomi

Cryptocurrency investor Warith Al Mawali affirmed that he was the victim of a theft as he lost $70K in life savings due to a Coinomi security flaw, according to a Reddit post.

As always, there are two sides to every story. One party says that Al Mawali’s funds disappeared as the Coinomi’s desktop wallet had a backdoor that sent passphrase information to Google; on the other side, the company affirmed it found an issue, but it was solved quickly, and there is no evidence that anybody was stolen.

The story went public when Al Mawali published blog posts in Reddit and Bitcointalk saying that he was disclosing all information because the crypto wallet refused to take responsibility.

Al Malawi claims that the platform contains a backdoor, his “passphrase was compromised, and $60K-$70K worth of cryptocurrency was stolen because of Coinomi wallet and how the wallet handled my passphrase.”
The problem with the passphrase is that once an investor enters his passphrase to the textbox, it is automatically inspected remotely by spellcheck through googleapis.com. It is “basically an HTML file ran by a Chromium browser component,” Al Malawi said.

He affirms that the person who got access to the leaked private key used it to steal around 17 Bitcoins units.

However, in a press release published later, the company said the seed phrase was not being transmitted in plain text but encapsulated inside an SSL HTTPS protocol with Google as the unique recipient.

Coinomi also stated that the spell-check requests were not processed, cached or store as it returned an error as they were flagged as “Bad Request” by Google “as they were badly formed (did not contain a valid Google API key) and never actually processed them.”

Al Malawi also built a dedicated website called Avoid-Coinomi.com where he also published videos explaining the flaws and the whole story.
One of the videos posted on AvoidCoinomi tries to demonstrate the vulnerability, and it looks that the option to decrypt HTTPS is selected in the software.

Finally, Coinomi affirmed that Al Malawi was blackmailing them. Coinomi’s COO Angelos Leoussis commented on the exchange’s official Telegram group that Al Malawi kept “threatening, swearing, and blackmailing us for insane amounts.”

The company also said that he offered that they will report the stolen assets to Chainalysis, which will blacklist the digital assets so no exchange would accept them. 

Recently Similar News

cex-promotion exmo-promotion

Latest Guides

Latest News

CoolWallet,Promotion,Wallets

For a Limited Time, You Can Get a Personalised CoolWallet S

Fancy getting yourself a Coolwallet with a personal touch? Then head over to  CoolWallet now and get yourself a customised wallet for you to store your crypto with your name on it. These new customised CoolWallet S cards are offered in a bid to make cryptocurrency investment more attractive to their users. And of course, […]

15 September, 2019
Giveaway,KuCoin,Promotion

Another 2nd Anniversary Promo Announced at KuCoin, KuMEX FOMO

KuCoin is celebrating their 2nd anniversary and to celebrate they have detailed several new promotions, but it seems they aren’t over yet, with one more outlined for KuMEX FOMO. Earlier this week, we detailed 5 different promotions that will take place over the next 2 weeks, but now there is more which you can get […]

14 September, 2019
Coinbase,Coinbase PRo,Dash,Listings

Dash Set For Monday Coinbase Pro Listing

One of the most popular trading options in the crypto world, Dash, will go live for trading on Coinbase Pro from Monday, 16th September. While official trading will begin the following day at 9 am (PST) on Tuesday, 17th September, users will be able to begin depositing Dash to their Coinbase Pro accounts up to twelve hours […]

14 September, 2019
Exchange Platforms,Kraken,Listings,Tokens

ICX Now Available On Kraken

Kraken has unveiled the latest asset available for trading on their platform, ICX. The San Francisco-based outfit commenced trading for this new token, which was created by the South Korean blockchain project, ICON, yesterday, 12/09/2019.  However, ICON itself is no newbie to industry and in fact, is one of the oldest and largest blockchain ins […]

13 September, 2019
Binance USA,Launch,Updates,USA

Binance USA Opens Its Doors Next Week

The much-anticipated US trader targeted platform from Binance, Binance USA, will begin opening its door to traders from next week. The news has come at the perfect time for US traders who had previously been going about their day to day trading activity on the generic international Binance platform. This is because after Binance updated […]

12 September, 2019
Closure,Exchange Platforms,Updates

Ethfinex Reveal Further Details on Closure

Last month, Ethinex revealed that they would be shutting up shop in their existing format and rebranding as DeversiFi. While the transition period is on-going, they have detailed some important information about the final closure of their existing operational format. The first point of note in regards to this is the fact that a date […]

11 September, 2019
Exchange Platforms,Giveaway,KuCoin,Promotion

KuCoin Offer 2nd Anniversary Promotions Worth $450,000 to Users

KuCoin are about to celebrate their second anniversary and they want to thanks users with a flurry of new promotions offered on a number of crypto assets over the next two weeks. These new promotions cover a wide range of different trading options, eligibility requests and time limits. With this in mind, they should be enticing to a wide number […]

10 September, 2019
CEO,Exchange Platforms,localbitcoins

LocalBitcoins Name New CEO

Peer-to-peer trading platform, LocalBitcoins has had a shake around in boardroom, with Sebastian Sonntag being named as the new CEO. He will be taking over the reins from Nikolaus Kangas, who is the brother of Jeremias Kangas who founded the exchange platform back in 2012, after being “convinced of Bitcoin’s importance in a global economy”. […]

9 September, 2019