Crypto investor Claims He Got Stolen with $70K In Coinomi [Solved]

Crypto investor Claims He Got Stolen with $70K In Coinomi [Solved]

Cryptocurrency investor Warith Al Mawali claimed that he was the victim of a theft as he lost $70K in life savings due to a Coinomi security flaw, according to a Reddit post that he himself published.

As always, there are two sides to every story, and it would appear that the side of the Coinomi company is the truthful one. One party says that Al Mawali’s funds disappeared as the Coinomi’s desktop wallet had a backdoor that sent passphrase information to Google; on the other side, the company affirmed it found an issue, but it was solved quickly, and there is no evidence that anything was stolen. George Kimionis, the CEO of Coinomi, tweeted that the whole situation was planned by the extortionist in order to try and scam the company out of $70K.

Coinomi - Update

The story went public when Al Mawali published blog posts in Reddit and Bitcointalk saying that he was disclosing all information because the crypto wallet allegedly refused to take responsibility.

Warith claimed to have lost funds due to a Coinomi bug, however, this was proved to be completely untrue by a reputable chainalysis firm, the results of which were published a month after the event. The firm, CipherBlade, is a trusted Blockchain investigation company that conducts thorough investigations in order to make sure their clients remain secure on the web.

Coinomi did pay CipherBlade to carry out their investigations regarding this allegation. However, CipherBlade did state in their report that had they found evidence that Coinomi handled the situation unprofessionally, or that they were actually responsible, CipherBlade would have had no qualms in publishing their findings stating such facts. Furthermore, Coinomi offered to make use of their own resources to help Al Maawali with blockchain forensics which is a process that requires a lot of time, and a lot of money.

Al Malawi claimed that the platform contains a backdoor, his “passphrase was compromised, and $60K-$70K worth of cryptocurrency was stolen because of Coinomi wallet and how the wallet handled my passphrase.”
The problem with the passphrase is that once an investor enters his passphrase to the textbox, it is automatically inspected remotely by spellcheck through googleapis.com. It is “basically an HTML file ran by a Chromium browser component,” Al Malawi said.

He affirmed that the person who got access to the leaked private key used it to steal around 17 Bitcoins units.

However, in a press release published later, the company said the seed phrase was not being transmitted in plain text but encapsulated inside an SSL HTTPS protocol with Google as the unique recipient.

In Coinomi’s official reply, they also stated that the spell-check requests were not processed, cached or stored as it returned an error as they were flagged as “Bad Request” by Google “as they were badly formed (did not contain a valid Google API key) and never actually processed them.”

Al Malawi also built a dedicated website called Avoid-Coinomi.com where he also published videos explaining the flaws and the whole story.
One of the videos posted on AvoidCoinomi tries to demonstrate the vulnerability, and it looks that the option to decrypt HTTPS is selected in the software.

Finally, Coinomi affirmed that Al Malawi was blackmailing them. Coinomi’s COO Angelos Leoussis commented on the exchange’s official Telegram group that Al Malawi kept “threatening, swearing, and blackmailing us for insane amounts.” The amount claimed by Al Malawi was a ransom of 17BTC.

This allegation has now been solved, and Coinomi holds that no further action is required from any of its users, besides the requirement to update to the last version. Coinomi states that apart from Al Malawi’s false allegation, the company has seen zero reports of hacked desktop wallets.

Register for Latest Updates & News

We respect your email privacy

Subscribe now to recieve exclusive updates and offers!

Recently Similar News

Latest Guides

Latest News

11 Biggest Sponsorships Deals for the Crypto Market in 2021

The global sports industry is looking to revamp its activities and recover from the after-shocks of the COVID-19 pandemic. Cryptocurrency platforms on the other hand have enjoyed immense growth and are searching for big platforms that can provide better brand visibility. That’s where sports and crypto make a perfect match with many global sports organizations […]

1 December, 2021

ChangeNOW Unveils a New Cashback Feature

ChangeNow offers crypto users smooth exchanges and doesn’t stop there. The exchange platform provides registered users a chance to profit from crypto swaps with cashback in NOW tokens through the ChangeNOW website. The cryptocurrency exchange and processing platform offer you an effortless way to turn your traffic into profit and boost your crypto journey. The […]

15 November, 2021

Celsius Casino is Raising the Temperatures with a Voluminous Game Lobby

Celsius Casino has become a go-to gaming destination for casino fans looking for an action-packed online gaming platform. The online casino boasts a robust game catalogue with over 4,000 games. The extensive game portfolio caters to Slots, Table Games, and Live Casino fanatics and is powered by well-known providers such as Evolution Gaming, NetEnt, and […]

9 November, 2021

ChangeNOW Has Announced the Release of its Own Digital Wallet

Limitless and swift crypto exchange platform ChangeNOW has released its own non-custodial NOW Wallet, facilitating fiat to crypto purchases and reliable crypto transactions from the comfort of a mobile phone. NOW Wallet is available in beta version for both iOS and Android devices and allows users to transact with over 20,000 currency pairs, regardless of […]

29 October, 2021
BitPanda,Bonus,token

BitPanda Enhances Its BEST Rewards Programme

The EU-based cryptocurrency exchange, BitPanda, has improved its loyalty programme, BEST Rewards. It is now providing owners of its BitPanda EcoSystem Token (BEST) an additional 12% in potential revenue each year. Every registered BitPanda user who has BEST in his or her wallet and carries out at least one monthly trade will be eligible for […]

25 October, 2021
ChangeNOW,Decentralised,Fraud

ChangeNOW’s AML Action Lead To The Return Of $15M COMP

Earlier this week, ChangeNOW announced that it was able to identify and return 45,505 COMP back to Compound. The estimated value of this recovery is around the $15m mark. This remarkable achievement is further proof of the effectiveness of the exchange’s Anti-Money Laundering (AML) procedures. In an announcement made on ChangeNOW’s website, the company provided […]

6 October, 2021
CFD Trading Platform,eToro,Trading

eToro Lowers The FTD Minimum Across Several Countries

eToro, the social trading and multi-asset platform, has decided to lower the minimum first time deposit, or FTD. Until further updates, users who sign up today using the link below will be able to fund their trading account with as little as $50. This offer is only valid to users in selected countries. To participate […]

24 September, 2021
ChangeNOW,Cryptocurrency,Investment

ChangeNOW Launches The NOW Tracker App

The young, but fast-growing online cryptocurrency exchange, ChangeNOW, has just announced the release of its latest product. The NOW Tracker is a free asset management app that lets users keep track of their coins and tokens across different wallets. Available on Google Play and the App Store, NOW Tracker is flexible and functional. This solution […]

9 September, 2021