Crypto investor Claims He Got Stolen with $70K In Coinomi

Crypto investor Claims He Got Stolen with $70K In Coinomi

Cryptocurrency investor Warith Al Mawali affirmed that he was the victim of a theft as he lost $70K in life savings due to a Coinomi security flaw, according to a Reddit post.

As always, there are two sides to every story. One party says that Al Mawali’s funds disappeared as the Coinomi’s desktop wallet had a backdoor that sent passphrase information to Google; on the other side, the company affirmed it found an issue, but it was solved quickly, and there is no evidence that anybody was stolen.

The story went public when Al Mawali published blog posts in Reddit and Bitcointalk saying that he was disclosing all information because the crypto wallet refused to take responsibility.

Al Malawi claims that the platform contains a backdoor, his “passphrase was compromised, and $60K-$70K worth of cryptocurrency was stolen because of Coinomi wallet and how the wallet handled my passphrase.”
The problem with the passphrase is that once an investor enters his passphrase to the textbox, it is automatically inspected remotely by spellcheck through googleapis.com. It is “basically an HTML file ran by a Chromium browser component,” Al Malawi said.

He affirms that the person who got access to the leaked private key used it to steal around 17 Bitcoins units.

However, in a press release published later, the company said the seed phrase was not being transmitted in plain text but encapsulated inside an SSL HTTPS protocol with Google as the unique recipient.

Coinomi also stated that the spell-check requests were not processed, cached or store as it returned an error as they were flagged as “Bad Request” by Google “as they were badly formed (did not contain a valid Google API key) and never actually processed them.”

Al Malawi also built a dedicated website called Avoid-Coinomi.com where he also published videos explaining the flaws and the whole story.
One of the videos posted on AvoidCoinomi tries to demonstrate the vulnerability, and it looks that the option to decrypt HTTPS is selected in the software.

Finally, Coinomi affirmed that Al Malawi was blackmailing them. Coinomi’s COO Angelos Leoussis commented on the exchange’s official Telegram group that Al Malawi kept “threatening, swearing, and blackmailing us for insane amounts.”

The company also said that he offered that they will report the stolen assets to Chainalysis, which will blacklist the digital assets so no exchange would accept them. 

Recently Similar News

cex-promotion etoro-promotion

Latest Guides

Latest News

Asia,Binance,Japan,South Korea

Binance Reveal Three East Asian Expansion Plans

Yesterday was one that saw gradual developments emerging from Binance all of which focus on areas of East and South-East Asia. Throughout the day yesterday, Binance’s blog updated 3 times with news that the plan was making deals and launching accessibility options for currencies and blockchain-orientated companies in major Asian countries, Japan, South Korea and […]

21 January, 2020
CoinEx,Listings,Margin Trading,Promotion

CoinEx Announce Free Margin Trading Borrowing & KDA Listing

CoinEx have announced a period of free borrowing for margin trading and the listing of a new token known as KDA with a trading competition attached. The first of these announcements has come as means to celebrate the Bitcoin Cash (BCH) Halving which is scheduled for later this year. In March, the mining reward for […]

20 January, 2020
Coinbase,Cosmos,Exchange Platforms,Listings

Cosmos (ATOM) Is Now Live at Coinbase

Earlier this week, Coinbase listed the native token of an interoperable blockchain protocol that facilitates the transfer of data between existing chains, Cosmos. The token known as ATOM has been live on the platform since Thursday across the Coinbase platform This includes the possibility to do so while on the go on either the mobile […]

19 January, 2020
KuCoin,Listings,Margin Trading,Promotion

Borrow New Tokens on KuCoin Margin Trading With 0% Interest

KuCoin have expanded their listed tokens on their platform with the addition of 5 new tokens available to traders and are offering zero interest on these tokens as a special promotional offer. The KuCoin margin trading service is one of the newest products offered by the trading platform and has become an area of their […]

19 January, 2020
Exmo,Fiat,Updates

You Can Now Trade with Kazakhstan Tenge (KZT) at EXMO

EXMO has added to their fiat currency trading options with the inclusion of the Kazakhstan Tenge which became available on the platform earlier this week. EXMO hey were already one of a limited number of platforms that offered Polish Zloty, Ukrainian Hryvnia and Turkish Lira, but the decision to choose the Kazakhstan Tenge (KZT) is […]

18 January, 2020
Custodian,Fee Decrease,Kraken,Promotion

You Can Fund Your Kraken Account For Free This February

This February you can fund your Kraken account for free when you use Etana Custody. Etana is a custody service that operates with Tier 1 banks across the globe and holds offices in prominent locations of the financial world such as USA, Singapore, Japan, and Europe. The core model of the business is the offering […]

17 January, 2020
CEX,Launch,Stake,Staking

CEX’s New Automatic Staking Feature Has Officially Gone Live

The CEX Automatic Staking Feature has gone live with 4 tokens currently available to stake on the platform. CEX announced news of the staking feature last week but didn’t designate a specific time for it to launch. However, CEX users were informed yesterday that staking was up, running and ready for users to start earning […]

16 January, 2020
Acquisitions,Australia,Kraken,Updates

Kraken Acquires Australian Firm, Bit Trade

Kraken has announced the acquisition of Bit Trade – the longest-running Australian crypto service provider. Bit Trade has been in business since as far back as 2013. In that time, it has established a solid reputation thanks to its intuitive and sophisticated products and its assistance on ensuring security and regulatory compliance. This made it […]

15 January, 2020