MyAlgo warns users to withdraw funds due to unknown hack cause

The Algorand wallet provider stated that it has yet to discover the root of the ALGO exploits that have drained millions of dollars, asking users to remove funds from wallets created with a seed word.

MyAlgo, an Algorand network wallet provider, has advised its users to withdraw cash from any wallets created with a seed phrase due to an ongoing exploit that has seen an estimated $9.2 million in funds stolen.

On February 27, MyAlgo tweeted the advice, adding that it still doesn’t know what caused the latest wallet attacks and urging “everyone to take precautionary measures to secure their money.”

IMPORTANT: ⚠️We strongly advise all users to withdraw any funds from Mnemonic wallets that were stored in MyAlgo. As we still don't know the root cause of recent hacks, we encourage everyone to take precautionary measures to protect their assets. Thank you for your understanding.

— MyAlgo (@myalgo_) February 27, 2023

On that day, on February 27, the team tweeted a warning about a “targeted attack […] carried out against a bunch of high-profile MyAlgo accounts” that had apparently occurred throughout the previous week.

ZachXBT, the self-styled “on-chain sleuth,” stated in a Feb. 27 tweet that the exploit is suspected of stealing around $9.2 million, and crypto exchange ChangeNOW was able to freeze approximately $1.5 million in cash.

According to MyAlgo, individuals with mnemonic wallets with the key kept in an internet browser were particularly vulnerable to the hack. A mnemonic wallet typically generates a private key from 12 to 24 words.

On February 27, John Wood, chief technical officer at the Algorand Foundation, turned to Twitter to say that the attack had affected approximately 25 accounts.

1/n Update on the exploit impacting ~25 accounts: from our investigation, this is not the result of an underlying issue with the Algorand protocol or SDK.

— John Woods (@JohnAlanWoods) February 27, 2023

He went on to say that the vulnerability “does not come from an inherent fault with the Algorand protocol” or its software development kit.

On February 27, the Algorand-focused developer collective D13.co published a report that eliminated many potential exploit vectors such as malware or operating system vulnerabilities.

According to the report, the “most likely” scenarios were that the impacted users’ seed phrases were hacked via socially engineered phishing attacks or MyAlgo’s website was infiltrated, resulting in the “targeted exfiltration of unencrypted private keys.”

MyAlgo stated that it will continue to collaborate with authorities and perform a “thorough investigation to uncover the core cause of the attack.”